What do you think?
Rate this book
Enterprise Security: A Data-Centric Approach to Securing the Enterprise
A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise Overview In Detail Enterprise security redefined using a data-centric approach and trust models to transform information security into a business enablement process. It is a unique and forward thinking approach for deciding the best method to secure data in the enterprise, the cloud, and in BYOD environments. "Enterprise A Data-Centric Approach to Securing the Enterprise" will guide you through redefining your security architecture to be more affective and turn information security into a business enablement process rather than a roadblock. This book will provide you with the areas where security must focus to ensure end-to-end security throughout the enterprise-supporting enterprise initiatives such as cloud and BYOD. "Enterprise A Data-Centric Approach to Securing the Enterprise" will first introduce the reader to a new security architecture model and then explores the must have security methods and new tools that can used to secure the enterprise. This book will take a data-centric approach to securing the enterprise through the concept of Trust Models and building a layered security implementation focused on data. This is not your traditional security book focused on point solutions and the network aspect of security. This book combines best practice methods with new methods to approach enterprise security and how to remain agile as the enterprise demands more access to data from traditionally untrusted assets, hosted solutions, and third parties. Applied Information Security - A Data-Centric Approach to Securing the Enterprise will provide the reader an easy-to-follow flow from architecture to implementation, diagrams and recommended steps, and resources for further research and solution evaluation. This book is a reference and guide for all levels of enterprise security programs that have realized that non-data centric security is no longer practical and new methods must be used to secure the most critical assets in the enterprise. What you will learn from this book Approach It's a reference guide to enterprise security programs.
301 pages, Paperback
First published January 1, 2013
2 people are currently reading
2 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
February 5, 2014
As an Enterprise Architect I took an interest in this book as an opportunity to validate my understanding of security and ensure in the design and guidance work that I do I am providing good insights and directions so that the application architects and developers are both ensuring good security practices and also asking the helpful information available to other teams such as IT Security, operational support and so on.
The book has been overall very well written and extremely accessible to even those not versed in the dark arts of IT Security. Anyone in my position, or fulfilling a role as an application designer or product development manager would really benefit from this book. Even those on the business end of IT would probably benefit in terms of garnering an insight into what IT Security should be seeking to achieve and why they often appear to make lives more difficult (I.e. putting restrictions in, perhaps blocking your favourite websites).
So why so helpful, well Aaron has explained the issues and challenges that need to be confronted in terms of Security from the perspective of the organisations key assets - mainly its data (certainly the asset that is likely to cause most visible problems if compromised). Not only that the book presents a framework to help qualify and quantify the risks as a result device a justifiable approach to securing the data and most importantly make defensible cases for budget spend.
I have to admit that the 1st chapter that that introduces the initial step in the strategy was a bit of a struggle as it seemed to adopt and try to define a view of the world that felt a little too simplistic. The truth is that this the 1st step in a journey, and in hindsight important - so stick with it.
Once the basic framework is in place we start looking at tooling strategies and technologies to start facilitating security. The book addresses categories of product rather than specific solutions so the book isn't going to date too quickly. The solution examination includes the pros and cons of their use (e.g wifi lock down) which is very helpful.
Finally to really help the book comes with a rich set of appendices providing a raft of references to additional material that will help people translate principles into practice.
To conclude, a little effort maybe needed to get you started but ultimately a well written, informative, information rich book on security.
More detailed reviews at http://mp3muncher.wordpress.com/
The book has been overall very well written and extremely accessible to even those not versed in the dark arts of IT Security. Anyone in my position, or fulfilling a role as an application designer or product development manager would really benefit from this book. Even those on the business end of IT would probably benefit in terms of garnering an insight into what IT Security should be seeking to achieve and why they often appear to make lives more difficult (I.e. putting restrictions in, perhaps blocking your favourite websites).
So why so helpful, well Aaron has explained the issues and challenges that need to be confronted in terms of Security from the perspective of the organisations key assets - mainly its data (certainly the asset that is likely to cause most visible problems if compromised). Not only that the book presents a framework to help qualify and quantify the risks as a result device a justifiable approach to securing the data and most importantly make defensible cases for budget spend.
I have to admit that the 1st chapter that that introduces the initial step in the strategy was a bit of a struggle as it seemed to adopt and try to define a view of the world that felt a little too simplistic. The truth is that this the 1st step in a journey, and in hindsight important - so stick with it.
Once the basic framework is in place we start looking at tooling strategies and technologies to start facilitating security. The book addresses categories of product rather than specific solutions so the book isn't going to date too quickly. The solution examination includes the pros and cons of their use (e.g wifi lock down) which is very helpful.
Finally to really help the book comes with a rich set of appendices providing a raft of references to additional material that will help people translate principles into practice.
To conclude, a little effort maybe needed to get you started but ultimately a well written, informative, information rich book on security.
More detailed reviews at http://mp3muncher.wordpress.com/
Displaying 1 of 1 review