SECURITY ARCHITECTURE

Security architecture is a design which identifies potential risks involved in a certain scenario that the threat actors are likely to exploit. It describes how the security controls are positioned and how they relate to the overall systems architecture. It also specifies when and where to apply security controls. Key attributes of security architecture are:

  • Relationships and dependencies
  • It generally includes a catalogue of conventional controls in addition to relationship diagrams, principles and so on.
  • Drivers: Security controls are determined based on four factors:
    • Risk Management
    • Benchmarking and good practise
    • Financial
    • Legal and regulatory

Key phases that our organization includes in the security architecture process are as follows:

  • Architecture Risk Assessment
  • Security architecture and design
  • Implementation
  • Operations and monitoring

Configuration Review

If a network is insecurely configured, it may have a lot of vulnerabilities which would allow the attacker to enter the network and execute an attack. Configuration review checks the misconfigured devices such as routers or switches, or misconfigured application and web servers. It helps in finding the gaps in the network and securely configuring them to prevent the attacker from entering the network.

Our engineers have years of experience deploying and maintaining critical infrastructure. They using this experience reviewed configurations against manufacturer and industry best practices applied to your specific environment to ensure optimal configuration

What all things are covered in configuration review?

  • Hardware redundancy and fail-over capabilities.
  • Hardware and configuration scalability.
  • Hardware and Software configuration
  • Software versions in accordance with known stable releases.
  • Management, backup, logging and monitoring of the device.
  • Overall device performance review

Our configuration reviews provide best security practice recommendations for:

  • Authentication
  • Cryptography
  • Interactions with external systems
  • Software and framework choices

Threat Modeling

Threat Modeling is an iterative process that consists of defining enterprise assets, identifying what each application does with these assets, creating a security profile for each application, identifying potential threats, prioritizing potential threat and documenting adverse events and action taken in each case.

Threat Modeling principles

Threat Modeling process should not be a one-time only process. It should be an iterative process that starts during initial phase of the application and continuous throughout the application life-cycle.

  • Identify Assets
  • Create an architecture overview
  • Decompose the application
  • Identify the threats
  • Document the threats
  • Rate the threats

The output of the threat modeling process includes documentation of the security aspects of the architecture of your application and a list of rated threats.

Threat model should be a dynamic item that changes over time to cater to new types of threats and attacks as they are discovered. It should also be capable of adapting to follow the natural evolution of your application as it is enhanced and modified to accommodate changing business requirements.

Business Needs Assessment

Business needs assessment is an approach which leads to the understanding of current processes and the gaps between where you are and where you want to be. It can be a integral part of implementing strategic changes to improve your business.

Four steps are there in needs assessment:

  • Defining the perceived problem
  • Discussing about the outcomes that we desire
  • Evaluating your current processes
  • Recommending appropriate changes for improvement

There are two types of needs assessment:

  • Extensive: It generally includes SWOT analysis. SWOT stands for Strengths, Weaknesses, Opportunities and Threats.
  • Intensive: It requires ranking of priorities. It is important to develop a rank criteria. Force Field Analysis is a kind of method used for facilitating determining needs feasibility.

Architecture Review

Why we need to review?

  • To ensure the Confidentiality, Integrity and Availability of the environment
  • As technology becomes advanced, the intruders also find out advanced ways to enter into the system.
  • Monitoring the current state in order to stop any attack that might happen.

What will be reviewed?

  • Recent threat analysis report which will explain the possible threats that are most likely to happen.
  • Analyses of the current security controls
  • Analysis of network security architecture including the topology and security components

Operational Review

An operational review allows your company, division or department to evaluate your practices against leading practices in the profession and enhance your value to your organization.

Operational review includes

  • Resources as identified from the financial statements allocated according to the strategic plan?
  • Is this the best structure to support the mission and objectives as set by the Board?
  • Highlight any discrepancies identified by your investigations above. Few things are as helpful as bringing to light a mismatch of expectations.
  • If there is a problem, identify it and suggest alternatives (if possible!). The objective is to ensure that resources, and the necessary efforts to produce them, are ultimately allocated in accordance with the strategic plan for the organization.

Operational Review meetings includes

  • Keeping everyone in the loop on how your projects are going
  • High level updates on your projects- are we on right path?
  • Share travel plans
  • Individual report out
  • Escalate issues that require management involvement

Current State Security Assessment

Assessing the security program and information security is a task which should be completed on a regular basis. In order to protect the data and the system from getting hacked by hackers, the current state of your security program should be assessed so that you can improve the maturity of risk control processes, while simultaneously securing your vital business data and assets.

What are the steps involved in a security program?

Your security program can be measured in the following ways:

  • Exploring whether the incidents could have been prevented with the current technical components or the components itself were missing.
  • Determining whether the financial and satisfaction metrics are being met by the security program.
  • Assessing the maturity of the current program and determining which elements need to be updated/upgraded.
  • Weak areas are assessed and strong areas are also assessed in order to see whether additional improvements can be made.