IT security definitions.Protecting corporate information and technology assets from intruders, thieves and vandals is a significant challenge for most enterprises. Historically, investments in security technology were made by individual technology managers and business units in response to the specific threats they faced. CIOS CIOS Communication Institute for Online Scholarship CIOS Channel Island Occupation Society (Channel Islands) CIOS Claim Imaging Operation Services (insurance) CIOS Central Imaging Operation Services are now implementing technologies that can support the centralized management and enforcement of security policy. As a result, the fragmented security market is coalescing coalescing (kō  les´ing),n a joining or fusing of parts. around four primary solution sets: * Identity management to authorize user access to system resources (1) In a computer system, system resources are the components that provide its inherent capabilities and contribute to its overall performance. System memory, cache memory, hard disk space, IRQs and DMA channels are examples. . * Vulnerability management to help uncover and remedy threats early. * Threat management to respond to intrusions and attacks on the network * Trust management to securely exchange information over public networks. Identity Management Identity management (IM) solutions are responsible for authenticating and authorizing the network-based users who need to online services and resources these solutions generally include: * Provisioning. Provisioning is the process of granting and revoking the appropriate access rights and privileges to employees, customers, suppliers and business partners. * Web access control. Web access control products provide centralized and automated management to validate a user and then permit the user to access resources in the environment for which they have been granted permission. * Single sign-on An identification system that lets users log into multiple Web sites on the Internet with one username and password. Single sign-on systems are also used within an enterprise, enabling users to access all authorized resources in the local network using the same username and password. authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. . Single Sign-On (SSO See single sign-on and CSO. SSO - single sign-on ) allows a user to log onto every assigned system that they have access to once using one user ID and password combination. Vulnerability Management Vulnerability Management tries to remedy the tactical response approach by allowing enterprise to focus on identifying vulnerabilities or weaknesses in the computing environment and providing the infrastructure to eliminate them. Vulnerability Management solutions generally include: * Firewalls. A firewall is a system or group of systems that enforces an access control policy between two networks. The firewall has a dual role as the mechanism that exists to both block and to permit traffic attempting to access network resources. * Vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. . Vulnerability assessment tools evaluate and monitor operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. and applications for missing fixes to known problems like viruses, worms, unsecured backdoors and security holes. * Network vulnerability scanners. Network vulnerability scanning is the process of checking for all the potential methods that an attacker might use to tamper with an organizations network by analyzing the types of software and system configurations on a given network Threat Management Threat Management focuses on identifying and responding to anomalous and malicious events that occur throughout the network. Threat management solutions generally include a combination of intrusion detection See IDS and IPS. and security event management technology. * Intrusion Detection Intrusion detection systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. monitor network traffic, verify the integrity of system files, monitor network event, log and also include deception systems to lure and trap hackers. * Security Event Management Security event management products actively monitor IT resources across an organisations, filter and correlate, and automate responses to security incidents. Trust Management Trust Management is the practice of protecting and enabling activities that are of high risk to the enterprise. These solutions rely on encryption and access control techniques to create a secure process for authorised individuals. Trust Management solutions generally include * Public Key Infrastructure: Public Key Infrastructure (PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of ) is the combination of encryption technologies, digital certificates, and certificate authorities that allow enterprises to protect the security of their communications and business transactions on the internet. * Virtual Private Networks. A virtual private network (VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. ) is a private data network that uses the public telecom infrastructure (as opposed to a system of owned or leased lines), maintaining privacy through the use of tunneling protocols and security procedures. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion