Enterprise Information Security Architecture (EISA) is a set of requirements, processes, principles, and models that determine the current and/or future structure and behavior of an organization’s security processes, information security systems, personnel, and organizational sub-units. It ensures that the security architecture and controls are in alignment with the organization’s core goals and strategic direction.
Though Enterprise Information Security Architecture deals with information security, it relates more broadly to the security practice of business optimization. Thus, it also addresses business security architecture, performance management, and security process architecture. The main objective of implementing EISA is to make sure that IT security is in alignment with business strategy.
Enterprises today struggle to balance implementing security controls with allowing employees to stay productive and communicate information easily. Enterprise security is not only about protecting the infrastructure of the enterprise, but also about protecting the sensitive data flowing within the organization.
Enterprise security is generally achieved in three ways [1, 2]:
Prevention – This involves protecting networks from intruders by avoiding security breaches. This is normally done by implementing firewalls.
Detection – This process focuses on detecting attacks and breaches carried out over the network.
Recovery – Once an attack occurs, recovery is essential for preserving the enterprise's information assets that may be damaged by the attack. For this, enterprises employ recovery mechanisms. To date, most research and work has been done in the area of prevention and detection of attacks.
MOTIVES BEHIND ENTERPRISE SECURITY
Enterprise security is getting more difficult, primarily for the following reasons:
A. Increasing threats – Enterprise organizations are continuously attacked by newer threats with the aim of stealing confidential information. Cyber criminals and hackers are growing in number. It has been reported that in recent years malware is worse than in previous attacks. Further, crime is getting more sophisticated these days. All these factors need to be managed.
B. Technology complexity – Security experts are dealing with threats while also keeping up with the changes brought by new technologies such as cloud computing, mobile computing, the Internet of Things, and virtualization. These new technologies are creating gaps within the system that need to be addressed.
C. Legacy security procedures and techniques – Many security techniques have been used in enterprises over time, from firewalls and Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), to host security software (i.e., antivirus software), to security monitoring and compliance tools (i.e., SIEM, log management, etc.). These procedures are incapable of dealing with the multidimensional threat
Multiple security standards exist for securing and protecting the assets of enterprises. Some organizations use published security standards, while others implement their own security architecture depending on their requirements. There is no single uniform standard that can be applied to all enterprises. By incorporating the recommended policies and programs, an effective and consistent security architecture can be developed.
TRENDS IN ENTERPRISE SECURITY
Due to the incorporation of cloud and mobile applications, the security needed by the enterprise has increased and widened in scope. Attacks are changing day by day, which necessitates a more secure information environment. These trends suggest that further improvement is needed in the security architectures of enterprises.
• Encrypted data
• DDoS (Distributed Denial of Service) attacks
• Managed Security Service
• Single platforms for secure
• Increased customer expectation
• Data collection and process
• Malware analytics
• Intelligent algorithm
The following are the goals of EISA:
– To help in monitoring and detecting network behaviors in real time and acting upon internal and external security risks.
– To help an organization detect and recover from security breaches.
– To aid in prioritizing an organization's resources and paying attention to various threats.
– To benefit the organization from a cost perspective when incorporated into security provisions such as incident response, disaster recovery, and event correlation.
– To help in analyzing the procedures needed for the IT department to identify assets and function properly.
– To help perform risk assessment of an organization’s IT assets with the cooperation of IT staff.