Defence in Depth Architectural Decisions

8
Defence in Depth Shepherding Solution Architecture Security Decisions

description

In this lightning talk we will explore one approach to getting multi-stakeholder agreement on Enterprise Architecture decisions focused on a defence in depth security model. Corporate enterprise technology environments can be large and complicated. And when it comes to making changes to the internet facing security environment both rigorousness and resistance to change increase. These increased challenges can be overcome with good project / process management, solid end-to-end architecture, and a comprehensive decision making template. In a nutshell, this talk explores the enterprise architecture decision.

Transcript of Defence in Depth Architectural Decisions

Page 1: Defence in Depth Architectural Decisions

Defence in Depth

Shepherding Solution Architecture Security Decisions

Page 2: Defence in Depth Architectural Decisions

AGENDA

1. Description of Defence in Depth

2. Defence in Depth within the Enterprise2.1. From the solution architect perspective

3. Issues toward implementation

4. Getting to finished

Page 3: Defence in Depth Architectural Decisions

http://technet.microsoft.com/en-us/library/cc512681.aspx

http://technet.microsoft.com/en-us/library/cc512681.aspx
http://technet.microsoft.com/en-us/library/cc512681.aspx
Page 4: Defence in Depth Architectural Decisions

2 Perspectives

CORP

Perimeter

DMZ1

api

api

Page 5: Defence in Depth Architectural Decisions

CORP

Data GovernancePerimeter

Security & Privacy

Standards & Compliance

Content Access & Management

DMZ1

Business Continuity & DRP

IDZ

people.healthcare.com partners.healthcare.com doctors.healthcare.com

Net

wor

k P

ract

ices

Dire

ctor

y P

ract

ices

Dat

abas

e P

ract

ices

SD

LC P

ract

ices

api Perimeter

DMZ1

api

api

vendors.com

Page 6: Defence in Depth Architectural Decisions

Shepherding the Decision

1. Concise problem statement2. Identifying the technical stakeholders3. Approvers and reviewers4. Comprehensive set of options5. Iterate6. Make a recommendation7. Related systems and issues8. Future considerations

Page 7: Defence in Depth Architectural Decisions

Some examples

● Identity system

● Online publishing

● Directory location

● Network segmentation

● Data location

● Search

● Being mindful of legacies

Page 8: Defence in Depth Architectural Decisions

Peter Rawsthorne, B.Tech, M Ed [email protected]@prawsthornehttp://www.linkedin.com/in/prawsthorne

QUESTIONS?

mailto:[email protected]
mailto:[email protected]
http://www.linkedin.com/in/prawsthorne
http://www.linkedin.com/in/prawsthorne

Defence in Depth in Nuclear Safety INSAG-10

Defence in Depth in Nuclear Safety INSAG-10

DEFENCE IN DEPTH INTERNALIZATION IN CAREM PROTOTYPE …

DEFENCE IN DEPTH INTERNALIZATION IN CAREM PROTOTYPE …

Safety Principles and Defence-in-Depth concept implemented ... · Safety Principles and Defence-in-Depth concept implemented in German Regulations ... Principle of multiple ... protective

Safety Principles and Defence-in-Depth concept implemented ... · Safety Principles and Defence-in-Depth concept implemented in German Regulations ... Principle of multiple ... protective

ARCHITECTURAL COATINGS - informationresearch.co.uk · ARCHITECTURAL COATINGS MEA MARKET REPORT & DATABASE November 2015 First Edition For the first time, IRL is releasing an in-depth

ARCHITECTURAL COATINGS - informationresearch.co.uk · ARCHITECTURAL COATINGS MEA MARKET REPORT & DATABASE November 2015 First Edition For the first time, IRL is releasing an in-depth

WENRA views on Defence-in-Depth for new reactors

WENRA views on Defence-in-Depth for new reactors

Defence in Depth in Nuclear Safety INSAG-10 · PDF fileINSAG-10 DEFENCE IN DEPTH IN NUCLEAR SAFETY INSAG-10 A report by the International Nuclear Safety Advisory Group INTERNATIONAL

Defence in Depth in Nuclear Safety INSAG-10 · PDF fileINSAG-10 DEFENCE IN DEPTH IN NUCLEAR SAFETY INSAG-10 A report by the International Nuclear Safety Advisory Group INTERNATIONAL

Assessment of defence in depth for nuclear power - IAEA Publications

Assessment of defence in depth for nuclear power - IAEA Publications

Fast Global Labelling For Depth-Map Improvement Via ...mobile/Papers/2018ICRA_amayo.pdf · Fast Global Labelling For Depth-Map Improvement Via Architectural Priors Paul Amayo, Pedro

Fast Global Labelling For Depth-Map Improvement Via ...mobile/Papers/2018ICRA_amayo.pdf · Fast Global Labelling For Depth-Map Improvement Via Architectural Priors Paul Amayo, Pedro

A DEFENCE IN DEPTH CONTROL ANALYSIS Documents/SIFT-UAM... · order to allow an organisation to effectively establish the risk context within which the defence in depth strategy is

A DEFENCE IN DEPTH CONTROL ANALYSIS Documents/SIFT-UAM... · order to allow an organisation to effectively establish the risk context within which the defence in depth strategy is

MOD Architectural Framework Sustainment Deskbook Sustainment Deskbook v0.4.pdf · 1 MODAF-M10-014 MINISTRY OF DEFENCE MOD Architectural Framework Sustainment Deskbook Draft 0.4 8

MOD Architectural Framework Sustainment Deskbook Sustainment Deskbook v0.4.pdf · 1 MODAF-M10-014 MINISTRY OF DEFENCE MOD Architectural Framework Sustainment Deskbook Draft 0.4 8

Fukushima –A Failure of Institutional Defence in DepthFukushima – A lack of defence in depth of the Nuclear Safety Institutional System • Inadequate design basis for external

Fukushima –A Failure of Institutional Defence in DepthFukushima – A lack of defence in depth of the Nuclear Safety Institutional System • Inadequate design basis for external

Defence in Depth: What’s Next? Kent Schramm Head, Cyber Security

Defence in Depth: What’s Next? Kent Schramm Head, Cyber Security

MOD Architectural Framework Acquisition Community of ... Acquisition Deskbook v0.4.pdf · MODAF-M10-004 MINISTRY OF DEFENCE MOD Architectural Framework Acquisition Community of Interest

MOD Architectural Framework Acquisition Community of ... Acquisition Deskbook v0.4.pdf · MODAF-M10-004 MINISTRY OF DEFENCE MOD Architectural Framework Acquisition Community of Interest

WENRA views on Defence-in-Depth for new reactors...WENRA views on Defence-in-Depth for new reactors Contents –WENRA •RHWG •Safety objectives •Key safety issues for new NPPs

WENRA views on Defence-in-Depth for new reactors...WENRA views on Defence-in-Depth for new reactors Contents –WENRA •RHWG •Safety objectives •Key safety issues for new NPPs

Global Architectural Wood Coatings - PRA World · 2019-02-01 · global architectural wood coatings market, allowing an in-depth analysis on the sector. PRA World Ltd. Pera Business

Global Architectural Wood Coatings - PRA World · 2019-02-01 · global architectural wood coatings market, allowing an in-depth analysis on the sector. PRA World Ltd. Pera Business

Defence in Depth in Nuclear Safety INSAG-10 · INSAG-10 DEFENCE IN DEPTH IN NUCLEAR SAFETY INSAG-10 A report by the International Nuclear Safety Advisory Group INTERNATIONAL ATOMIC

Defence in Depth in Nuclear Safety INSAG-10 · INSAG-10 DEFENCE IN DEPTH IN NUCLEAR SAFETY INSAG-10 A report by the International Nuclear Safety Advisory Group INTERNATIONAL ATOMIC

Defence in depth-+15+Oct+2… · layered Defence in Depth approach. With an understanding of the organisation’s goals, the critical processes supporting these goals, and their inter-relationships,

Defence in depth-+15+Oct+2… · layered Defence in Depth approach. With an understanding of the organisation’s goals, the critical processes supporting these goals, and their inter-relationships,

DEFENCE IN DEPTH OF ELECTRICAL SYSTEMS AND GRID INTERACTION Final... · group in January 2008 to examine Defence in Depth of Electrical Systems and Grid Interaction with nuclear power

DEFENCE IN DEPTH OF ELECTRICAL SYSTEMS AND GRID INTERACTION Final... · group in January 2008 to examine Defence in Depth of Electrical Systems and Grid Interaction with nuclear power

Defence in Depth of Electrical Systems and Grid Interaction - Final

Defence in Depth of Electrical Systems and Grid Interaction - Final

User-Access Management: a Defence in Depth Control ...Management... · Web viewUser-access management A DEFENCE IN DEPTH CONTROL ANALYSIS June 2008 DISCLAIMER: To the extent permitted

User-Access Management: a Defence in Depth Control ...Management... · Web viewUser-access management A DEFENCE IN DEPTH CONTROL ANALYSIS June 2008 DISCLAIMER: To the extent permitted