Learn how to adapt data flow security with changing business needs.
- [Instructor] Over the life of your business, your data needs will constantly be changing. As security professionals, it is our responsibility to determine how these changes will affect our business processes and security. Each time a change is proposed, we should consider how it can affect the confidentiality, integrity, and availability of our networks. We should also ensure that we're utilizing proper defense in depth techniques in order to protect our organization's data. To determine the best methods to use, you should begin by mapping out the process or service that is going to be affected.
This will allow you to determine what applications, services, and users might require access to the data that you're trying to protect. Then you have to determine where the data is currently being stored and what security controls have already been put in place. Should authentication be required prior to accessing the data? If so, you have to determine how the users' credentials or authentication tickets are going to be protected during transmission? If authentication is not required, then how will you determine who is authorized to access a given piece of data? Next, you should consider the enterprise security policies that may affect the data for this process or service.
For example, if you're going to use password protection, what's the strength of the password that you're going to require? In addition to considering the data at rest, it's also important to consider the security of the data while it's in transit. Will encryption of the data during transmission be required? And if so, what strength is necessary? Additionally, if encryption will be utilized, how will you protect the encryption key to ensure the communication remains confidential? Whenever a new process or service is being proposed to meet an organization's business needs, you have to think of each and every one of these questions.
Every change to the enterprise network can have a cascading effect on its overall security. Therefore, it's really important to consider the specific security requirements for the data change as well as the overall effect that they can have to the overall system.
- Adapting data flow security to changing business needs
- Provisioning and deprovisioning resources
- Security and privacy considerations of storage integration
- Integrating the cloud and virtualization into the secure enterprise architecture
- Identity proofing and identity propagation
- Integrating cryptographic techniques into the secure enterprise architecture
- Cryptocurrency and blockchain
- Mobile device encryption considerations
- Integrating secure communications and collaboration solutions
Skill Level Advanced
CASP+ Cert Prep: 1 Risk Managementwith Jason Dion2h 34m Advanced
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Appropriate for all
1. Integrating Hosts, Storage, Networks, and Applications into the Secure Enterprise Architecture
2. Integrating the Cloud and Virtualization into the Secure Enterprise Architecture
3. Integrating Authentication and Authorization into the Secure Enterprise Architecture
4. Integrating Cryptographic Techniques into the Secure Enterprise Architecture
5. Integrating Secure Communications and Collaboration Solutions into the Secure Enterprise Architecture
What next?3m 9s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.