Continuing into a chapter 4 of
Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody we start to look at some technical aspects of security and technology covering things like the capabilities of new generation of firewalls, DNS security and so on. The information is presented in a very readable manner.
As an Enterprise Technology Architect, and having security specialist friends I thought I was reasonably well informed in this aspect of IT, but the book still taught me me things. Interestingly, perhaps not intended but the chapter left me with a number of things that could be incorporated into development governance that would make the work of network security a lot easier.
The chapter continues with lots of really helpful references many, maybe all are incorporated into a series of appendices that are full of helpful information references and links. If these are made available on the book’s website (see below) it would likely become a must go to site for security resources.
It does leave me asking one question how does this all fit in when using a PaaS solution such as those offered by the likes of Amazon and Rackspace?
Previous blog entries:
There is also a supporting website for the book at http://www.datacentricsec.com/