The data and corporate knowledge infrastructure provides accurate and strategic IT security management.
A data and knowledge infrastructure as a whole is designed with computer security management in mind from its creation.
The methodology that Quattroemme Consulting adopts is to create an Enterprise Security Architecture alongside the Enterprise Information Architecture project, defining the strategic objectives of the security architecture on which the security policies and the enlargement policies are implemented.
The strategic objectives of the Enterprise Security Architecture are:
⦁ Multi-layered approach: security must be achieved consistently in all macro areas and cover all components.
⦁ Enforcement of security policy integration between different tools and technologies.
⦁ Ability to update tools and platforms based on the latest knowledge of threats, attack patterns, malware, exploits, vulnerabilities, geographic location and IP reputation data, etc.
⦁ Adaptability to technological trends (for example the use of personal mobile devices and access to applications delivered to the cloud).
A security architecture project is implemented by choosing the appropriate technological modules to reinforce integration and the ability to analyze events, with the following characteristics:
⦁ Advanced network protection: sophisticated analysis of incoming and outgoing traffic to detect unknown forms of malware, attack patterns and 0-day attacks.
⦁ Application security: security must guide development, and security practices must be applied throughout the software development life cycle; dynamic security testing is performed before and after applications are released into production.
⦁ Data protection: for fine-tuned monitoring of data access (databases, repositories and files) and control based on data action policies.
⦁ Identity and access control: to ensure that, at any time, only the authorized person has access to the resources and that only IT, security and inspection managers have full control and up-to-date visibility of access privileges across the IT infrastructure.
⦁ Security and fulfillment of the terminals (servers and desktops): to ensure, on the one hand, operational efficiency in managing the terminal life cycle and, on the other, consistent security policies in the installation and configuration of devices and software.
⦁ Security of mobile devices: with the same objectives as the security of the terminals, plus additional attention to the security of mobile access to applications and services, the protection of mobile devices, and the isolation and protection of the organization's information that resides on the mobile device itself.
⦁ Security intelligence: the core of the security infrastructure, with advanced capabilities for integrating and analyzing information coming from every component of the IT infrastructure. It performs complex correlations to identify threats and anomalies and can be integrated with operational tools for an automatic solution.
⦁ Forensics: to provide actionable insights to operators and analysts, improving security response time. Traditional log management systems do not qualify as forensic tools because they lack deep inspection capabilities for IP packets. Advances in interface design and in machine learning capabilities make forensic tools usable by everyone, not just lawyers or post-event consultants.