Learn how to adapt data flow security with changing business needs.
- [Instructor] Over the life of your business, your data needs will constantly be changing. As security professionals, it is our responsibility to determine how these changes will affect our business processes and security. Each time a change is proposed, we should consider how it can affect the confidentiality, integrity, and availability of our networks. We should also ensure that we're utilizing proper defense in depth techniques in order to protect our organization's data. To determine the best methods to use, you should begin by mapping out the process or service that is going to be affected.
This will allow you to determine what applications, services, and users might require access to the data that you're trying to protect. Then you have to determine where the data is currently being stored and what security controls have already been put in place. Should authentication be required prior to accessing the data? If so, you have to determine how the users' credentials or authentication tickets are going to be protected during transmission? If authentication is not required, then how will you determine who is authorized to access a given piece of data? Next, you should consider the enterprise security policies that may affect the data for this process or service.
For example, if you're going to use password protection, what's the strength of the password that you're going to require? In addition to considering the data at rest, it's also important to consider the security of the data while it's in transit. Will encryption of the data during transmission be required? And if so, what strength is necessary? Additionally, if encryption will be utilized, how will you protect the encryption key to ensure the communication remains confidential? Whenever a new process or service is being proposed to meet an organization's business needs, you have to think of each and every one of these questions.
Every change to the enterprise network can have a cascading effect on its overall security. Therefore, it's really important to consider the specific security requirements for the data change as well as the overall effect that they can have to the overall system.
Author
Released
11/14/2018We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Adapting data flow security to changing business needs
- Provisioning and deprovisioning resources
- Security and privacy considerations of storage integration
- Integrating the cloud and virtualization into the secure enterprise architecture
- Identity proofing and identity propagation
- Integrating cryptographic techniques into the secure enterprise architecture
- Cryptocurrency and blockchain
- Mobile device encryption considerations
- Integrating secure communications and collaboration solutions
Skill Level Advanced
Duration
Views
Related Courses
-
Insights from a Cybersecurity Professional
with Mike Chapple32m 15s Intermediate -
CASP+ Cert Prep: 1 Risk Management
with Jason Dion2h 34m Advanced
-
Introduction
-
What you should know1m 27s
-
About the exam1m 44s
-
1. Integrating Hosts, Storage, Networks, and Applications into the Secure Enterprise Architecture
-
Standards3m 49s
-
Interoperability issues7m 14s
-
Resiliency issues3m 57s
-
Logical deployment diagrams1m 46s
-
2. Integrating the Cloud and Virtualization into the Secure Enterprise Architecture
-
Cloud considerations4m 47s
-
Cloud service models5m 20s
-
Commingling considerations2m 56s
-
Data security considerations2m 42s
-
-
3. Integrating Authentication and Authorization into the Secure Enterprise Architecture
-
Authentication6m 4s
-
Authorization5m 59s
-
Attestation2m 26s
-
Identity proofing2m 13s
-
Identity propagation1m 27s
-
Federated identification4m 9s
-
Trust models2m 36s
-
-
4. Integrating Cryptographic Techniques into the Secure Enterprise Architecture
-
Cryptographic techniques6m 59s
-
Message authentication1m 23s
-
Protection of data6m 26s
-
Stream versus block ciphers2m 14s
-
Symmetric encryption5m 47s
-
Asymmetric encryption3m 23s
-
Public key infrastructure3m 54s
-
-
5. Integrating Secure Communications and Collaboration Solutions into the Secure Enterprise Architecture
-
Remote access4m 17s
-
Unified communication1m 5s
-
Web conferencing3m 2s
-
Audio and video conferencing2m 44s
-
Social media collaboration1m 55s
-
-
Conclusion
-
What next?3m 9s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Adapting data flow security to changing business needs