• Home
    • Phil-Wilkins.uk
  • About
    • Presenting Activities
    • http://phil-wilkins.uk/
    • LinkedIn
  • Books & Publications
    • Fluentd, Unified Logging With
      • Unified Logging with Fluentd – Book
      • Fluentd Book Resources
      • Log Generator
    • API & API Platform
      • API Useful Resources
    • Oracle Integration
      • Book Website
      • Useful Reading Sources
  • Resources
    • GitHub
    • Mindmaps Index
    • Patterns Sources
    • Oracle Integration Site

Phil (aka MP3Monster)'s Blog

~ from Technology to Music

Phil (aka MP3Monster)'s Blog

Daily Archives: January 17, 2014

Enterprise Security – A Data Centric Approach – Chapters 5 & 6

17 Friday Jan 2014

Posted by mp3monster in Book Reviews, Books, General, Packt, Technology

≈ 3 Comments

Tags

Aaron Woody, Enterprise Security, security processes

Continuing with Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody Chapter 5 gest into some of the security processes and technologies to securing you compute platforms covering topics such as:

  • anti-virus (or not),
  • network lock down through the use of local firewalls built into the OS (so people can’t then just access the server by any means they desire SSH, RDP, telnet etc)
  • user permissions
  • auditing (so you can see what is happening/happened and by whom)
  • detection of file change in parts of the system that shouldn’t change except through specific mechanisms e.g. OS files should only change when patching the OS

But more importantly the chapter links these kinds of activities to the analysis of risk and previously developed trust models. So that you can understand how much security is suitable and justifiable.  The ideas along with the pros and cons of each activity are well explained and clearly presented.

Chapter 6 takes us back to central theme of the book – data.  With our policies and models identified we need to locate the data – this is harder than it may sound, not everything is in a database (the amount of business operation that runs on spreadsheets on people’s desktops, is endlessly amazing and then compounded by how we make the data collaborative – emailing, moving with personal USB storage, cloud services and on and on). To help find, track and potentially constrain it  (prevent undue leakage) the book walks through the ideas of classification and ownership/accountability and then really starts to tie together the earlier chapters, as well as introduce some additional technology concepts such as the encryption of data when in transit and at rest. Like chapter 5, you don’t need a PhD to understand where to apply security and why – the doing maybe a different kettle of fish of course.

Previous blog entries:

  • Chapter 1
  • Chapter 2
  • Chapter 3

There is also a supporting website for the book athttp://www.datacentricsec.com/
Enterprise Security - A Data Centric Approach

Oracle Ace Director

Oracle Ace Director

TOGAF 9

Unified Logging with Fluentd

Oracle Cloud Integration Book

API Platform Book

Oracle Dev Meetup London

Categories

  • App Ideas
  • Books
    • Book Reviews
    • Oracle Press
    • Packt
  • Enterprise architecture
  • General
    • economy
    • LinkedIn
    • Website
  • Music
    • Music Resources
    • Music Reviews
  • Photography
  • Technology
    • APIs & microservices
    • chatbots
    • Cloud
    • Dev Meetup
    • development
    • drone
    • FluentD
    • mindmap
    • OMESA
    • Oracle
      • API Platform CS
        • tools
      • Helidon
      • ITSO & OEAF
      • Java Cloud
      • NodeJS Cloud
      • OIC – ICS
    • TOGAF
    • UKOUG
  • xxRetired

Twitter

  • Anyone interested in monitoring and making log events useful checkout events.linuxfoundation.org/fluentcon/ you don't have to be… twitter.com/i/web/status/1…Next Tweet: 1 day ago
  • Check out this Meetup: Fly like a rocket with Helidon meetup.com/virtualJUG/eve… #Meetup #London via @MeetupNext Tweet: 1 day ago
  • Adventures in DevOps –@Fluentd blog.mp3monster.org/2021/01/20/adv…Next Tweet: 6 days ago
  • A nicely explained article about why security needs to start with people. lnkd.in/dwHpT-rNext Tweet: 1 week ago
  • I love stories like this, how physical music has helped them reconnect. How My Record Player Helped Me Feel the Mus… twitter.com/i/web/status/1…Next Tweet: 1 week ago
Follow @mp3monster

OraWorld

OraWorld

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 570 other followers

Blogs I Follow

  • Rick's blog
  • A journey in development
  • Phil (aka MP3Monster)'s Blog
  • RedThunder.Blog
  • A millennial's musings
  • Shalindra's Blogs
  • BTplusMore
  • Creativenauts
  • PaaS Community Blog
  • RedStack
  • Musings of an Enterprise Software Technologist
  • The Open Group Blog
  • SutoCom Solutions
  • Rob's Wall Of Music
  • DataCentricSec.com
  • A World of Events

My Other Web Content & Contributions

  • All My Links
  • Amazon Author entry
  • API Platform
  • Dev Meetup (co-managed)
  • Fluentd Book
  • http://phil-wilkins.uk/
  • ICS Book Website
  • Mindmaps
  • Monster's Photos
  • my Capgemini Profile
  • OMESA
  • Oracle Community Directory
  • Packt Author Bio

RSS

RSS Feed RSS - Posts

RSS Feed RSS - Comments

Calendar

January 2014
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Dec   Feb »

Other Pages

  • About
    • Presenting Activities
  • Books & Publications
    • API & API Platform
      • API Useful Resources
      • Useful Reading Sources
    • Fluentd, Unified Logging With
    • Oracle Integration
  • Mindmaps Index
    • Patterns Sources

Goodreads

Flickr Pics

UKOUG volunteersBrightonBrightonBrighton
More Photos

History

OraNA

Aggregated by OraNA

Blogroll

  • A Journey in Development
  • A Neate Blog
  • Blog by Robert van Mölken (co-author on ICS book)
  • Exigency In Specie
  • Ora World
  • SOA4U

Social

  • View @mp3monster’s profile on Twitter
Follow Phil (aka MP3Monster)'s Blog on WordPress.com

Tags

6 Music Aaron Woody Ace AIA album Ansible API apiary API Platform applications article BBC Big Data blog book books Capgemini cd CEP Cloud code concert conference data Design developer development download ebook enterprise FluentD free fusion Good Morning Nantwich Groovy Helidon integration java JBoss jBPM London Luis Weir meetup Microservices mindmap monitoring Music OIC OIC - ICS OOW Oracle Oracle Press OTN PaaS Packt Packt Publishing Patterns Phill Jupitus playlist podcast Presentation promotion Puppet reading Redhat review Security SeeWhy SOA SOA Suite software Technology TOGAF UKOUG video

Blog at WordPress.com.

Rick's blog

End-to-End OIC to SAP integration

A journey in development

A blog-post by blog-post journey of a ERP Cloud Solutions Degree Apprentice

Phil (aka MP3Monster)'s Blog

from Technology to Music

RedThunder.Blog

Demystifying cloud technologies...

A millennial's musings

Shalindra's Blogs

Technofunctional Blogs

BTplusMore

Business, Technology and more

Creativenauts

Personal, design, inspiration, interests.

PaaS Community Blog

by Jürgen Kress

RedStack

Oracle Cloud Stuff

Musings of an Enterprise Software Technologist

My thoughts on Enterprise Software Technologies...and more.

The Open Group Blog

Achieving business objectives through technology standards

SutoCom Solutions

Success & Satisfaction with the Cloud

Rob's Wall Of Music

Thoughts of a lifelong music hoarder...

DataCentricSec.com

A World of Events

A Blog for Event and Data Analytics

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Our Cookie Policy