Security Management Strategies for the CIOAccess "Writing security policies using a taxonomy-based approach"
This article is part of the December 2009 issue of Step-by-step guide to avoiding basic database security risks
Today's policy artifact landscape has become much more complex given the regulations they must complement and support. Additionally, the complexity of information systems and technology has increased with the advent of the geo-distributed architecture of cloud computing which requires a global perspective for policy development. Policies are a system of authoritative artifacts deployed to protect an organization's information assets. Specifically, authoritative artifacts are documents against which an organization executes and operates. Our intent is to provide information security professionals with methods and techniques to drive an aggregate method of policy design and move away from the more individualistic method that has been approached. Aggregation results in policy artifacts that are consumable, extensible and easily sustainable. We will examine how a taxonomy-based approach is used to design policy artifacts. Removed is the unwieldy structure-driven policy architecture that results in redundant, unnecessary and hard to consume artifacts. The ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Is New Google Chromium OS a Security Game-Changer?
Google says Chromium's process isolation and sandbox security features harden the OS from attack.
-
Carefully evaluate providers' SaaS security model
Enterprises need to make sure a SaaS provider has the proper security controls to protect sensitive data before a contract is signed
-
Is New Google Chromium OS a Security Game-Changer?
-
-
Basic Database Security: Step by Step
by Adrian Lane, Contributor
Use this checklist to ensure you're following the basics for securing database systems.
-
Writing security policies using a taxonomy-based approach
by Ravila Helen White, Contributor
Forget structure-driven policy architecture; we'll show you how to build information security policy artifacts using a taxonomy approach that will help you build global policies in a snap.
-
Basic Database Security: Step by Step
by Adrian Lane, Contributor
-
Columns
-
Is HITECH Destined to be a Cybercrime Stimulus Act?
The HITECH Act, part of the economic stimulus bill, is intended to foster electronic medical records systems adoption, but will also introduce security and privacy risks to patient medical and billing data.
-
Editor's Desk: Apathy and the Cybersecurity Coordinator
Six months since President Obama announced he would appoint a cybersecurity coordinator, the position sits vacant. Do you care?
-
Is HITECH Destined to be a Cybercrime Stimulus Act?
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...