3. General Solution at Application Level
• Audit / proactive hardening (securing)
- The system must audit the status and configuration of all application components.
- Perform security tests and proactive hardening of those components.
- Produce detailed security audit reports, pre- and post-deployment of applications.
- Install all current patches.
- Change default passwords.
- Implement the recommended security configurations.
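The audit the slide asks for can be scripted. The block below is an added example, not code from the slides: it audits a constructed inventory of application components for three of the findings listed above (missing patches, default credentials, settings that differ from the recommended configuration) and compares a pre-deployment report with a post-deployment one. The baseline versions, default-credential list and recommended settings are assumed illustrative values; a real audit would load them from vendor advisories and the hardening guide the organisation follows.

```python
"""Added example (not from the slides): a small configuration audit that checks
an application inventory for missing patches, default passwords and
non-recommended settings, and diffs a pre-deployment report against a
post-deployment one."""
from dataclasses import dataclass, field

# Constructed baseline data for the example (assumed values, not real advisories).
MIN_PATCHED_VERSION = {          # lowest version that carries all current patches
    "webserver": (2, 4, 58),
    "appserver": (10, 1, 20),
    "database": (8, 0, 36),
}
DEFAULT_CREDENTIALS = {"admin:admin", "root:", "sa:sa", "tomcat:tomcat", "admin:password"}
RECOMMENDED_SETTINGS = {         # value each setting must have after hardening
    "debug": False,
    "tls_enabled": True,
    "directory_listing": False,
}


@dataclass
class Component:
    name: str
    version: str
    admin_user: str
    admin_password: str
    settings: dict = field(default_factory=dict)


def parse_version(text):
    """'2.4.58' -> (2, 4, 58) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in text.split("."))


def audit_component(comp):
    """Return the list of findings for one component (empty list = hardened)."""
    findings = []
    baseline = MIN_PATCHED_VERSION.get(comp.name)
    if baseline is None:
        findings.append(f"{comp.name}: no patch baseline known, review manually")
    elif parse_version(comp.version) < baseline:
        wanted = ".".join(map(str, baseline))
        findings.append(f"{comp.name} {comp.version}: below patched release {wanted}, install current patches")
    if f"{comp.admin_user}:{comp.admin_password}" in DEFAULT_CREDENTIALS:
        findings.append(f"{comp.name}: default credentials for '{comp.admin_user}', change the default password")
    for key, wanted in RECOMMENDED_SETTINGS.items():
        actual = comp.settings.get(key)
        if actual is None:
            findings.append(f"{comp.name}: '{key}' not set, apply recommended value {key}={wanted}")
        elif actual != wanted:
            findings.append(f"{comp.name}: '{key}' is {actual}, recommended {wanted}")
    return findings


def audit(inventory):
    """Audit every component; the result is the report kept for the record."""
    return {comp.name: audit_component(comp) for comp in inventory}


def regressions(pre_report, post_report):
    """Findings present after deployment that were absent before it."""
    return {
        name: sorted(set(post) - set(pre_report.get(name, [])))
        for name, post in post_report.items()
        if set(post) - set(pre_report.get(name, []))
    }


# Constructed inventory: one unhardened server, one hardened, one with two gaps.
SAMPLE_INVENTORY = [
    Component("webserver", "2.4.50", "admin", "admin", {"debug": True, "tls_enabled": True}),
    Component("appserver", "10.1.20", "deploy", "S3cure-Pass!",
              {"debug": False, "tls_enabled": True, "directory_listing": False}),
    Component("database", "8.0.36", "root", "",
              {"debug": False, "tls_enabled": False, "directory_listing": False}),
]

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INVENTORY).items():
        print(f"[{'PASS' if not findings else 'FAIL'}] {name}")
        for finding in findings:
            print("   -", finding)
```

Versions are compared as integer tuples rather than strings, otherwise "2.4.9" would sort after "2.4.58". Running `audit` before and after a deployment and feeding both reports to `regressions` gives the pre/post comparison the slide calls for.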
4. Real-Time Protection
• Behaviour-based intrusion prevention: the automatic protection provided by most antivirus, anti-spyware and other anti-malware programs.
• Detects and blocks application-level attacks for which no signature or patch is yet known (zero-day threats). It complements proactive hardening and patching; it does not replace them.
• Other names: real-time protection / on-access scanning / background guard / resident shield / auto-protect.
6. Multi-tier Protection
• What: network services that are delivered using multiple servers (tiers).
• Disaster recovery and backup are planned using the Recovery Point Objective (RPO) and the Recovery Time Objective (RTO).
• RPO: the maximum amount of data, measured as a period of time, that the organisation is willing to lose.
• RTO: the time allowed to bring the disaster-recovery environment online and fully functional in place of the production system.
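The following block is an added worked example, not material from the slides. It computes the data at risk for the scenario given in the editor's note (snapshots every 30 minutes, last snapshot at 2 PM, disaster at 2:29 PM), the worst-case loss a snapshot schedule can promise, and the RTO of a sequential recovery runbook, then checks both against targets. The policy, step names and durations are constructed figures, not from any real runbook.

```python
"""Added example (not from the slides): working through RPO and RTO for a
backup and disaster-recovery policy."""
from datetime import datetime, timedelta


def data_at_risk(last_snapshot, disaster_time):
    """Data lost if disaster strikes now: everything written since the last snapshot."""
    if disaster_time < last_snapshot:
        raise ValueError("disaster cannot precede the snapshot it is measured from")
    return disaster_time - last_snapshot


def worst_case_loss(snapshot_interval):
    """The RPO a schedule can actually promise: a disaster just before the
    next snapshot loses a whole interval, so the interval must not exceed the RPO."""
    return snapshot_interval


def recovery_time(steps):
    """RTO of a recovery runbook whose steps run one after another."""
    return sum((duration for _, duration in steps), timedelta())


def evaluate_policy(policy, rpo_target, rto_target):
    """Compare a policy's achievable RPO/RTO with the targets the business set."""
    achievable_rpo = worst_case_loss(policy["snapshot_interval"])
    achievable_rto = recovery_time(policy["recovery_steps"])
    return {
        "achievable_rpo": achievable_rpo,
        "achievable_rto": achievable_rto,
        "rpo_met": achievable_rpo <= rpo_target,
        "rto_met": achievable_rto <= rto_target,
    }


# Constructed policy (assumed figures, not from any real runbook).
SAMPLE_POLICY = {
    "snapshot_interval": timedelta(minutes=30),
    "recovery_steps": [
        ("declare disaster and notify team", timedelta(minutes=15)),
        ("restore latest snapshot to DR site", timedelta(minutes=90)),
        ("start application tier and verify", timedelta(minutes=30)),
        ("switch DNS / load balancer to DR", timedelta(minutes=15)),
    ],
}

if __name__ == "__main__":
    lost = data_at_risk(datetime(2024, 1, 1, 14, 0), datetime(2024, 1, 1, 14, 29))
    print("data lost in the editor's note scenario:", lost)
    result = evaluate_policy(SAMPLE_POLICY, timedelta(minutes=15), timedelta(hours=4))
    for key, value in result.items():
        print(f"{key}: {value}")
```

With a 30-minute snapshot interval the policy cannot meet a 15-minute RPO target even though its 2 h 30 min runbook comfortably meets a 4-hour RTO; the fix for the RPO side is a shorter interval or continuous replication, not a faster runbook.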
7. Distributed Management / Centralized Reporting
• The task and responsibility of monitoring and managing application and database security are delegated across business units and geographic boundaries, while audit results are reported centrally.
• Outsourcing: these tasks may be carried out by consultants, contractors, or business partners.
9. Selective Encryption
• The 'last line' of defense for the most sensitive data.
• Advantage: prevents unauthorized access to data by otherwise legitimate users.
• Example: a database administrator can grant, revoke, or change users' access rights within his job scope, but is prevented from copying or changing the actual information in the database, such as users' credit card numbers, because that data is stored encrypted under a key the administrator does not hold.
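The DBA example above works only if the encryption key is held outside the database, so that SELECT privileges on the table yield ciphertext. The block below is an added example, not code from the slides: the application encrypts one sensitive column before insert and keeps only the last four digits in clear for display. The cipher inside it is a stand-in (HMAC-SHA256 used as a counter-mode keystream, encrypt-then-MAC) chosen only so the example runs on the Python standard library; in production use AES-GCM from a vetted library with the key in a KMS or HSM. The table name, column names, key value and card number are constructed for the example.

```python
"""Added example (not from the slides): selective encryption of one sensitive
column, so that a DBA who can SELECT the table sees only ciphertext."""
import hashlib
import hmac
import os
import sqlite3

# Stand-in cipher so the example runs on the standard library; use AES-GCM
# from a vetted library in production, with the key held in a KMS/HSM that the
# DBA role cannot read.
NONCE_LEN, TAG_LEN = 16, 32


def _subkeys(key):
    """Derive separate encryption and MAC keys from the application key."""
    return (hashlib.sha256(b"enc|" + key).digest(), hashlib.sha256(b"mac|" + key).digest())


def _keystream(enc_key, nonce, length):
    """HMAC-SHA256(enc_key, nonce || counter) blocks, concatenated to 'length' bytes."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key, plaintext):
    """nonce || ciphertext || tag, with a fresh random nonce per value."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key, blob):
    """Verify the tag first; a wrong key or a tampered row is rejected, never decrypted."""
    enc_key, mac_key = _subkeys(key)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext rejected: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


# Constructed application key; in practice fetched from the KMS at startup.
APP_KEY = b"constructed-32-byte-key-example!"


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, "
                 "card_number BLOB NOT NULL, card_last4 TEXT NOT NULL)")
    return conn


def store_card(conn, key, name, pan):
    """Only the ciphertext and the last four digits ever reach the database."""
    conn.execute("INSERT INTO customers (name, card_number, card_last4) VALUES (?, ?, ?)",
                 (name, encrypt(key, pan.encode()), pan[-4:]))
    conn.commit()


def dba_view(conn):
    """What anyone with SELECT on the table sees, the DBA included."""
    return conn.execute("SELECT name, card_number, card_last4 FROM customers ORDER BY id").fetchall()


def app_view(conn, key):
    """Only the application, which holds the key, recovers the card numbers."""
    return [(name, decrypt(key, blob).decode())
            for name, blob in conn.execute("SELECT name, card_number FROM customers ORDER BY id")]


if __name__ == "__main__":
    db = setup_db()
    store_card(db, APP_KEY, "alice", "4111111111111111")
    print("DBA sees:", dba_view(db))
    print("app sees:", app_view(db, APP_KEY))
```

The DBA keeps every privilege needed for the job (backups, grants, schema changes) and the encrypted column survives all of them unchanged; what the DBA loses is the ability to read or silently alter the card numbers, since any modification of the stored bytes fails the tag check when the application next reads the row.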
Editor's Notes
Network security: the guard that protects the network. Analogy: the most modern security system is found in the Jewel House, where it counts the most, because that is where Britain's priceless crown jewels are kept. Meaning: network security is moving away from protecting the perimeter of the network towards protecting data at its source.
Example application: server management ( http://bobcares.com/pro-active-server-management.html / ) http://www.dynamicnet.net/managed-services/managed-server-security/server-hardening/server-hardening-details/
- Complements proactive hardening. 'Real time' refers to the moments when data is loaded into the computer's active memory: inserting a CD, opening mail, browsing the web, and opening or executing files on the computer.
The RPO indicates the amount of data that users are willing to lose in the event of a disaster. In the example given in the NScaled technical solution brief, if snapshots of a server are taken every 30 minutes and the last snapshot was taken at 2 PM, a disaster taking place at 2:29 PM means 29 minutes of data may be completely lost. The RTO, meanwhile, represents the amount of time taken to get the disaster-recovery environment online and fully functional in place of the original production system. RTO ten
The capability to delegate the responsibility for, and the tasks involved in, monitoring and managing application and database security across geographic boundaries or business units, while providing centralized reporting of audit results.