Information Technology Reference
In-Depth Information
Chapter 12
Enterprise Security
In This Chapter
• Considerations for layering security measures
• An examination of common enterprise threats
• Identification of risk management strategies
A common way of describing physical security is that “a house is only as
secure as its least secure door or window.” This means that an unauthor-
ized entrance requires only one open window to provide access to the
entire structure. An extended enterprise network follows the same rule:
An attacker need only bypass the least secure entry point to gain access
to the entire structure—unless steps are taken to isolate segments of the
network and to protect information assets.
This chapter addresses threats to the enterprise and some methods
of mitigating these threats. Because defensive and offensive technologies
continually evolve, I will not attempt to address every possible threat in
specific detail, but rather to identify strategies that you can apply to your
own enterprise during architecture updates. Security should form a foun-
dation for all other architecture changes, not be layered on top of the
235
