Multi-dimensional enterprise-wide security: Introduction

Multi-dimensional security involves protecting the information assets and associated resources within all areas of an enterprise and in compliance with all regulatory, policy and contractual requirements. These 10 tips introduce how to adopt a multi-dimensional approach to security that goes beyond the perimeter and utilizes operational, administrative and human forms of protection to help reduce the risks to information wherever information can be found.

This tip is excerpted from Chapter 3 of The Definitive Guide to Security Inside the Perimeter, written by Rebecca Herold and published by Realtimepublishers.com. Read the entire e-book for free.


Multi-dimensional security involves protecting the information assets and associated resources within all areas of an enterprise and in compliance with all regulatory, policy and contractual requirements. It places protection at not only the perimeter, as has historically been the norm, but also wherever information is stored, processed or transmitted. Multi-dimensional security involves more than just technology solutions; it also utilizes operational, administrative and human forms of protection to help reduce the risks to information wherever information can be found.

At a high-level, a multi-dimensional security program includes the use of:

  • Protection strategies
  • Risk analysis and assessment
  • Security policies, procedures, and standards
  • Education
  • Audit and validation
  • Simplifying complexity

    Using multi-dimensional security reduces the risk of a security breach, secures data flows throughout the transmission path, reduces the impact and cost of compliance audits, protects against insider attacks and demonstrates due diligence.


    MULTI-DIMENSIONAL ENTERPRISE-WIDE SECURITY

      Introduction
      Protection strategies
      Risk assessment and analysis methodologies
      Define risks
      The goal of an information security policy
      Due diligence
      Corporate reputation
      Audit and validation
      Simplifying complexity
      Divide and conquer
      An action plan

    ABOUT THE AUTHOR:
    Rebecca Herold is currently an information privacy, security and compliance consultant, author and instructor with her own company, Rebecca Herold, LLC. Rebecca has provided information security, privacy and regulatory services to organizations from a wide range of industries. She has over 15 years of information privacy, security and compliance experience. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the 1998 CSI Information Security Program of the Year Award.
  • This was first published in January 2006

    Dig deeper on Information Security Policies, Procedures and Guidelines

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close