Data Center, Colocation, Cloud Computing, Storage, Dedicated Servers Forums

Data Center, Colocation, Cloud Computing, Storage, Dedicated Servers Forums (http://www.datacentertalk.com/forum/index.php)
-   Datacenter News, Seminars & Conferences update (http://www.datacentertalk.com/forum/forumdisplay.php?f=18)
-   -   Four steps for protecting your internal networks (http://www.datacentertalk.com/forum/showthread.php?t=57548)

duongkhue84 03-30-2016 10:19 AM

Four steps for protecting your internal networks
 
Opinion by Mudge, Intrusic Inc.

SEPTEMBER 09, 2004 (COMPUTERWORLD) - In the sciences, there are general principles that can apply to all environments. The principles of physics (i.e. the general laws) are ubiquitous across disciplines. Why should the information security field be any different? It turns out that it isn't.
In my experience, the following general principles have proved beneficial. Companies can apply them with existing internal resources.

1. Map security around business functions

In few areas is the relationship of security to business functions more obvious than in comparing electrical utilities with industrial refineries. Both business models use a segmentation structure around Supervisory Control and Data Acquisition and/or distributed control systems. While both electrical utilities and refineries have these environments, the refineries, in general, have a much more secure implementation of this model. Was this due to particular security requirements? No. Upon querying technical experts from both industries, the rationale became clear: One field had to be much more competitive in the business realm than the other. Industrial refineries had to compete in the business market, while utilities were subsidized and regulated by the government.

If one company operated at even a fraction of a percentage more efficiently and cost-effectively than a competitor did, that business had an edge in the public markets. Tremendous amounts of effort were spent designing and making networks and systems perform core technical requirements in a way that was as efficient and organized as possible. These efforts resulted in networks with a relatively high security baseline. More important, they provided a solid foundation for future security components that might be desired in the future.

Without the economic driver of competition for the electrical utilities, the optimization and maximization of underlying business architectures didn't receive the same attention. As various utilities markets are deregulated, many players find themselves in the position of having to make a profit. However, the underlying infrastructure lacks a foundation solid enough to confidently run critical business tasks, let alone withstand hostile attacks

Fore more info checkout.

adilkhan009 07-27-2016 04:01 PM

I agree with you this post.

SolaDrive 12-24-2017 01:35 PM

Quote:

Originally Posted by duongkhue84 (Post 74531)
Opinion by Mudge, Intrusic Inc.

SEPTEMBER 09, 2004 (COMPUTERWORLD) - In the sciences, there are general principles that can apply to all environments. The principles of physics (i.e. the general laws) are ubiquitous across disciplines. Why should the information security field be any different? It turns out that it isn't.
In my experience, the following general principles have proved beneficial. Companies can apply them with existing internal resources.

1. Map security around business functions

In few areas is the relationship of security to business functions more obvious than in comparing electrical utilities with industrial refineries. Both business models use a segmentation structure around Supervisory Control and Data Acquisition and/or distributed control systems. While both electrical utilities and refineries have these environments, the refineries, in general, have a much more secure implementation of this model. Was this due to particular security requirements? No. Upon querying technical experts from both industries, the rationale became clear: One field had to be much more competitive in the business realm than the other. Industrial refineries had to compete in the business market, while utilities were subsidized and regulated by the government.

If one company operated at even a fraction of a percentage more efficiently and cost-effectively than a competitor did, that business had an edge in the public markets. Tremendous amounts of effort were spent designing and making networks and systems perform core technical requirements in a way that was as efficient and organized as possible. These efforts resulted in networks with a relatively high security baseline. More important, they provided a solid foundation for future security components that might be desired in the future.

Without the economic driver of competition for the electrical utilities, the optimization and maximization of underlying business architectures didn't receive the same attention. As various utilities markets are deregulated, many players find themselves in the position of having to make a profit. However, the underlying infrastructure lacks a foundation solid enough to confidently run critical business tasks, let alone withstand hostile attacks

Fore more info checkout.

Check out where?
Can't find a link in this post suggesting where to continuing reading...
Would appreciate if you add the link.

Thank you


All times are GMT. The time now is 12:08 PM.

Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.