Security Information and Review

Collection of security information and review

Evaluate and Analyze Network Security Based on the Security Framework

Author : Admin

When we discussion about security and how to evaluate and analyze the security of an enterprise company or organization, we need a security platform. With security framework we believe that establishing an appropriate framework goes long way toward helping we establish a reasonable framework for analyzing security and shape an effective information security program.

 

Security framework is made up of three tiers : organizational factors, security objectives and security mechanisms. So, if we want to evaluate and analyze the security of an enterprise, it’s based on elements of the security framework .

Organizational factors as the top tier of our security framework takes into account the organizational factors that we must consider when planning for enterprise security. Paramount to success of an enterprise security program are the relationships among risk analysis, the organization’s culture and security policy.

 

Risk analysis is a process to ensure that security controls prescribed for a system are fully commensurate with it’s exposed risks. An organization’s culture has a tremendous bearing on the acceptance of security, such as a stringent password policy. A security policy should communicate to everyone with simple principle that information is a valuable asset and everyone is responsible for protecting it. It’s will provide the appropriate balance between business requirements and security needs for enterprise company or organization.

 

The middle of the security framework is security objects and confidentiality, integrity, availability and accountability are core of this when designing and implementing security of an enterprise. Confidentiality is keeping information and resources from being disclosed to someone who hasn’t been explicitly granted access. Integrity is ensuring that information and resources remain complete and unchanged from previous state. Availability is ensuring that information and resources can be used whenever they are needed. The last of the security object element is accountability, assigning and tracking responsibility for the actions of users and resources and include of this elements is auditing.

 

The bottom of the security framework is security mechanisms. It’s used to implement the security services for an enterprise, such how to identification, authentication and others.

 

As always, I hope this discussion can provide benefits and increase our knowledge. Looking discussion about the security mechanism in the next article.

 

 

Mohamad Widodo

Mohamad Widodo

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Netvouz
  • DZone
  • ThisNext
  • MisterWong
  • Wists
  • Technorati
  • YahooMyWeb
  • Slashdot
  • StumbleUpon
Categories: Article
If you like this posts, please leave messages / comments.