• Home
  • Site Aliases
    • www.cloud-native.info
  • About
    • Background
    • LinkedIn
    • Presenting Activities
    • Internet Profile
    • About
  • Books & Projects
    • Logs and Telemetry using Fluent Bit
      • Fluent Bit book
      • Book Resources in GitHub
      • Fluent Bit Classic to YAML Format configurations
    • Logging in Action with Fluentd, Kubernetes and More
      • Logging in Action with Fluentd – Book
      • Fluentd Book Resources
      • Fluentd & Fluent Bit Additional stuff
    • OpAMP
    • Log Generator
    • API & API Platform
      • API Useful Resources
    • Oracle Integration
      • Book Website
      • Useful Reading Sources
    • Publication Contributions
  • Resources
    • GitHub
    • Oracle Integration Site
    • Oracle Resources
    • Mindmaps Index
    • Useful Tech Resources
      • Fluentd & Fluent Bit Additional stuff
      • Recommended Tech Podcasts
      • Official Sources for Product Logos
      • Java and Graal Useful Links
      • DevTips
  • Music
    • Monster On Music
    • Music Listening
    • Music Reading

Phil (aka MP3Monster)'s Blog

~ from Technology to Music

Phil (aka MP3Monster)'s Blog

Daily Archives: January 17, 2014

Enterprise Security – A Data Centric Approach – Chapters 5 & 6

17 Friday Jan 2014

Posted by mp3monster in Books, General, Technology

≈ 3 Comments

Tags

Aaron Woody, Enterprise Security, security processes

Continuing with Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody Chapter 5 gest into some of the security processes and technologies to securing you compute platforms covering topics such as:

  • anti-virus (or not),
  • network lock down through the use of local firewalls built into the OS (so people can’t then just access the server by any means they desire SSH, RDP, telnet etc)
  • user permissions
  • auditing (so you can see what is happening/happened and by whom)
  • detection of file change in parts of the system that shouldn’t change except through specific mechanisms e.g. OS files should only change when patching the OS

But more importantly the chapter links these kinds of activities to the analysis of risk and previously developed trust models. So that you can understand how much security is suitable and justifiable.  The ideas along with the pros and cons of each activity are well explained and clearly presented.

Chapter 6 takes us back to central theme of the book – data.  With our policies and models identified we need to locate the data – this is harder than it may sound, not everything is in a database (the amount of business operation that runs on spreadsheets on people’s desktops, is endlessly amazing and then compounded by how we make the data collaborative – emailing, moving with personal USB storage, cloud services and on and on). To help find, track and potentially constrain it  (prevent undue leakage) the book walks through the ideas of classification and ownership/accountability and then really starts to tie together the earlier chapters, as well as introduce some additional technology concepts such as the encryption of data when in transit and at rest. Like chapter 5, you don’t need a PhD to understand where to apply security and why – the doing maybe a different kettle of fish of course.

Previous blog entries:

  • Chapter 1
  • Chapter 2
  • Chapter 3

There is also a supporting website for the book athttp://www.datacentricsec.com/
Enterprise Security - A Data Centric Approach

Share this:

  • Share on Facebook (Opens in new window) Facebook
  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Email a link to a friend (Opens in new window) Email
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Print (Opens in new window) Print
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Bluesky (Opens in new window) Bluesky
Like Loading...
    • About
      • Internet Profile
      • Music Buying
      • Presenting Activities
    • Books & Publications
      • Logging in Action with Fluentd, Kubernetes and More
      • Logs and Telemetry using Fluent Bit
      • Oracle Integration
      • API & API Platform
        • API Useful Resources
        • Useful Reading Sources
    • Mindmaps Index
    • Monster On Music
      • Music Listening
      • Music Reading
    • Oracle Resources
    • Useful Tech Resources
      • Fluentd & Fluent Bit Additional stuff
        • Logging Frameworks and Fluent Bit and Fluentd connectivity
        • REGEX for BIC and IBAN processing
      • Formatting etc
      • Java and Graal Useful Links
      • Official Sources for Product Logos
      • Python Setup & related tips
      • Recommended Tech Podcasts

    TOGAF 9

    Logs and Telemetry using Fluent Bit


    Logging in Action — Fluentd

    Logging in Action with Fluentd


    Oracle Ace Director Alumni

    Oracle Cloud Integration Book


    API Platform Book


    Oracle Dev Meetup London

    Blog Categories

    • App Ideas
    • Books
    • Enterprise architecture
    • General
      • ExternalWebPublications
      • LinkedIn
      • Website
    • Music
      • Music Resources
      • Music Reviews
    • Photography
    • Podcasts
    • Technology
      • AI
      • APIs & microservices
      • chatbots
      • Cloud
      • Cloud Native
      • Dev Meetup
      • development
        • languages
      • drone
      • Fluent Observability
        • Fluentbit
        • Fluentd
        • OpAMP
      • logsimulator
      • mindmap
      • OMESA
      • Oracle
        • API Platform CS
          • tools
        • ITSO & OEAF
        • OIC – ICS
        • Oracle Cloud Native
        • OUG
      • railroad diagrams
      • TOGAF

    Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,616 other subscribers

    RSS

    RSS Feed RSS - Posts

    RSS Feed RSS - Comments

    January 2014
    M T W T F S S
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
    « Dec   Feb »

    Speaker Recognition

    Open Source Summit Speaker

    Twitter

    Tweets by mp3monster

    History

    Flickr Pics

    Boxer Rebellion @ Brixton ElectricBoxer Rebellion @ Brixton ElectricBoxer Rebellion @ Brixton ElectricBoxer Rebellion @ Brixton Electric
    More Photos

    Social

    • View @mp3monster’s profile on Twitter
    • View philwilkins’s profile on LinkedIn
    • View mp3monster’s profile on GitHub
    • View mp3monster’s profile on Flickr
    • View mp3muncher’s profile on WordPress.org
    • View philmp3monster’s profile on Twitch
    Follow Phil (aka MP3Monster)'s Blog on WordPress.com

    Blog at WordPress.com.

    • Subscribe Subscribed
      • Phil (aka MP3Monster)'s Blog
      • Join 229 other subscribers
      • Already have a WordPress.com account? Log in now.
      • Phil (aka MP3Monster)'s Blog
      • Subscribe Subscribed
      • Sign up
      • Log in
      • Report this content
      • View site in Reader
      • Manage subscriptions
      • Collapse this bar
    Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
    To find out more, including how to control cookies, see here: Our Cookie Policy
    %d