Defence in Depth Architectural Decisions

1,953 views

Published on

In this lightning talk we will explore one approach to getting multi-stakeholder agreement on Enterprise Architecture decisions focused on a defence in depth security model. Corporate enterprise technology environments can be large and complicated. And when it comes to making changes to the internet facing security environment both rigorousness and resistance to change increase. These increased challenges can be overcome with good project / process management, solid end-to-end architecture, and a comprehensive decision making template. In a nutshell, this talk explores the enterprise architecture decision.

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,953
On SlideShare
0
From Embeds
0
Number of Embeds
48
Actions
Shares
0
Downloads
46
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Defence in Depth Architectural Decisions

  1. 1. Defence in Depth Shepherding Solution Architecture Security Decisions
  2. 2. AGENDA 1. Description of Defence in Depth 2. Defence in Depth within the Enterprise 2.1. From the solution architect perspective 3. Issues toward implementation 4. Getting to finished
  3. 3. http://technet.microsoft.com/en-us/library/cc512681.aspx
  4. 4. 2 Perspectives CORP Perimeter DMZ1 api api
  5. 5. CORP Data GovernancePerimeter Security & Privacy Standards & Compliance Content Access & Management DMZ1 Business Continuity & DRP IDZ people.healthcare.com partners.healthcare.com doctors.healthcare.com NetworkPractices DirectoryPractices DatabasePractices SDLCPractices api Perimeter DMZ1 api api vendors.com
  6. 6. Shepherding the Decision 1. Concise problem statement 2. Identifying the technical stakeholders 3. Approvers and reviewers 4. Comprehensive set of options 5. Iterate 6. Make a recommendation 7. Related systems and issues 8. Future considerations
  7. 7. Some examples ● Identity system ● Online publishing ● Directory location ● Network segmentation ● Data location ● Search ● Being mindful of legacies
  8. 8. Peter Rawsthorne, B.Tech, M Ed IT peter@rawsthorne.org @prawsthorne http://www.linkedin.com/in/prawsthorne QUESTIONS?

×