Best Security combo for enterprise security?

By focusing on data classification, data protection and controls / monitoring, you will be able to track and protect the information that holds the most value for your company. My goal here is to focus first on DATA protection and not just to build an old-school fortress (even if we need one). Cloud technology, mobile devices and shadow IT render that castle completely OPEN.

I know that security is not product-based. But … once the policies are there, … it is time to enforce the rules and put the solutions in place.

Here is my list of solutions that I like for each security area. (Feel free to propose a better combo; I’m not aware of all the solutions on the market, and your feedback is welcome.) I’m not focusing on open-source solutions because most of them do not meet the needs of a large enterprise.

1. User side Security

1) SSO

Single Sign-on, Enterprise password sharing and auditing

2) Software Inventory and controls

Do an inventory of all running applications and block the ones not desired

In fact, most anti-virus products can provide that feature, because they are tightly integrated with the system.

3) DLP (Data Leakage Protection)

Data monitoring, Rules, DLP, Reporting

4) Documents Classification

5) Data encryption

  • Digital Guardian
  • Most antivirus vendors also provide that. BitLocker is also fine, but you don’t get any reporting.
  • Microsoft Office 365 (the cloud version can do that now)

6) Multi-factor Authentication (MFA)

7) Anti-Virus

  • Kaspersky and everything else available … see who your preferred dealer is. Don’t forget, AV is not enough and is a CPU / RAM killer.

2. Gateways / perimeter security

1) Control ICT access to critical systems (jump box and PIM)

2) New (or Next) Generation Firewall

Firewall, DMZ, network segregation, …

  • Palo Alto
  • Check Point
  • Fortinet

3) Anti-Spam

Lots of products are available.

4) Web-Filtering

Lots of products are available.

  • Barracuda
  • BlueCoat
  • Websense
  • Palo Alto

 


3. Network access Control

Having a NAC is crucial to prevent undesired devices from connecting to your network, even via wireless.

  • Cisco ISE
  • Meraki

4. Mobile devices security

5. Patch and Software deployment

6. File Servers monitoring

  • What is changed, removed or viewed on your file server: Varonis

7. Log and monitoring

1) Password breach detection

Implement a solution that informs you when one of your employees is exposed to a password leak / breach, with a subscription like breachalarm.com.

2) Monitoring

3) SIEM

  • QRadar
  • ArcSight
  • Splunk

There are some areas, like WAF, DNS/DHCP, backup solutions, data replication, NAS, load balancers and virtualisation, that I don’t want to cover here … For me, they are important, but too broad and unspecific.

8. Cost

Estimated cost per user / desk

  • Between 120 and 200 € / year

Estimated cost for enterprise security

  • No luck here: there is no limit. You have to negotiate and not spend all your money on one dedicated technology or area.
