Plan for a security architecture

Tuesday, 12 November 2002, 3:38 PM EST

Volatility and immaturity in security technology will continue to make enterprisewide technology architectures impractical through 2003. However, the need for a consistent approach, scalability, agility, and auditability will drive development of adaptive, top-down security architectures encompassing consistent policy frameworks, strong process orientation, service definitions, formal roles/responsibilities, and domain-specific technology standards (2002-03). Scalable technology architectures for security will evolve as a result of broader standards (2004-06).

Rulings by the Federal Trade Commission pertaining to privacy and security issues (e.g., against Eli Lilly and Microsoft) have focused not on monetary fines, but on the requirement that a "security program" be established and maintained to protect the privacy and confidentiality of (consumer) information. Meta Group interprets this as a precursor to (if not the equivalent of) requiring a security architecture, which Meta Group defines as a set of guiding principles and the resultant embodiment of those principles in the form of an orderly and comprehensive arrangement of security components (e.g., people, process, and technology).

[ Read more ]




Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //