
Attacks. Hackers. Credit card scams. Cyber terrorism. Insider flaw. Viruses and worms. What not?

Nowadays, you often hear statements like "The era of innocence is over" and "We can't put the genie back into the bottle." The importance of security is at its peak. The objective of Enterprise Security Architecture is to provide a conceptual design of the network security architecture infrastructure and the related security policies and procedures. In short, it needs to address applications, systems and processes, and be able to manage security and operations. The enterprise links all the systems into one cohesive unit.

Data and transaction security is of utmost importance in this age of rapidly increasing use of e-commerce and the expansion of networks in both the private and government sectors. We live in an era where every transaction is done over the wires. Online shopping, internet banking, online payment of bills and the like are part and parcel of every individual's life. In such a scenario, it is important for a company implementing an internet transaction system to keep the credentials of its customers secured from the outside world. Thus, security is a major challenge for all companies implementing information technology.

Enterprise security architecture is an integral component of an enterprise architecture and an information security program. Enterprise architecture basically provides a foundation to develop and deploy technologies, while enterprise security architecture is used as a guideline in making strategic and architectural security decisions. It is a subset of enterprise architecture frameworks. If we had to provide a generic framework, the picture to the right would be acceptable as a high-level conceptual security architecture framework. Security is present at all levels of enterprise architecture: business, information and technology.

NEED FOR ESA

A rough classification of protective measures in enterprise security is as follows:

1. Prevention: Take measures that prevent your information from being damaged, altered, or stolen. Preventive measures can range from locking the server room door to setting up high-level security policies.
2. Detection: Take measures that allow you to detect when information has been damaged, altered, or stolen, how it has been damaged, altered, or stolen, and who has caused the damage. Various tools are available to help detect intrusions, damage or alterations, and viruses.
3. Reaction: Take measures that allow recovery of information, even if information is lost or damaged.

An Enterprise Security Architecture essentially protects your organizational data in view of the following aspects:

Aspects of information security

1. Confidentiality: The prevention of unauthorized disclosure of information. Disclosure can be the result of poor security measures or information leaks by personnel. An example of poor security measures would be to allow anonymous access to sensitive information.
2. Integrity: The prevention of erroneous modification of information. Authorized users are probably the biggest cause of errors and omissions and the alteration of data. Storing incorrect data within the system can be as bad as losing data. Malicious attackers can also modify, delete, or corrupt information that is vital to the correct operation of business functions.
3. Availability: The prevention of unauthorized withholding of information or resources. This does not apply just to personnel withholding information. Information should be as freely available as possible to authorized users.
4. Authentication: The process of verifying that users are who they claim to be when logging onto a system. Generally, the use of user names and passwords accomplishes this. More sophisticated is the use of smart cards and retina scanning. The process of authentication does not grant the user access rights to resources; this is achieved through the authorization process.
5. Authorization: The process of allowing only authorized users access to sensitive information. An authorization process uses the appropriate security authority to determine whether a user should have access to resources.

RISK ASSESSMENT AND MANAGEMENT

Risk Assessment

The core goal of developing an ESA is closely related to the identification of potential risks and their assessment and management. The goal of risk management is to protect the organization and its ability to achieve its mission. It includes transferring risks to others, risk avoidance, minimizing the negative effect of risk, or accepting risk. Risk assessment is used to determine areas of vulnerability within the IT environment in order to initiate remediation. In terms of designing and maintaining an Enterprise Security Architecture, there are many advantages in using risk management and assessment techniques. The advantages are the ability to identify, quantify and manage risks, along with cost justification. These techniques can also be used to educate management on security awareness and to justify spending to shore up the security posture of their environments.

The primary reason for the evolution of the concept of risk management is to predict and understand the cost of adverse and unpredictable accidents. The total cost is the cost of recovery and the cost of architecture to mitigate the risk. The priority of risk management is the risk itself and not the expected cost savings. An organization may be prepared to pay a premium to be able to come up with an accurate prediction of risk. Risk management provides peace of mind, though it might cost a premium. It is similar to buying accident insurance. It should be understood that risk analysis is work intensive and doesn't make sense when actual or statistical information is not available.

CLASSIFICATION OF SECURITY THREATS

The major threats posed before any organization are described below:

HACKERS

Hackers

People who try to illegally gain access to a computer system using programs (scripts) that others have written. The most dangerous attackers are usually insiders (or former insiders), because they know many of the codes and security measures that are already in place. Insiders are likely to have specific goals and objectives, and have legitimate access to the system. Employees are the people most familiar with the organization's computers and applications, and they are most likely to know what actions might cause the most damage. Insiders can plant viruses, Trojan horses, or worms, and they can browse through the file system.

Malicious attackers will normally have a specific goal, objective, or motive for an attack on a system. These goals could be to disrupt services and the continuity of business operations by using denial-of-service (DoS) attack tools. They might also want to steal information or even steal hardware such as laptop computers. Hackers can sell information that can be useful to competitors.

ATTACKS

Types of Attacks

- Virus
- Use of system by unauthorized individual
- Denial of service (DoS)
- Probing of a system to gather information
- Physical attack of computer hardware

- A virus that worms its way through either the computer's memory or a disk and alters data that it accesses. Worms burrow through and between networks.
- A virus that attaches itself to seemingly innocent programs. It does not necessarily replicate, but it opens doors so that an attacker can enter undetected at a later date.
- A virus that is activated or triggered after or during a certain event. This virus usually lies in wait until a specific action is undertaken.

ARCHITECTURE BITS

To understand the relevance of Enterprise Security Architecture, the picture to the right represents a one-dimensional view of enterprise architecture as a service-oriented architecture. It reflects the new addition to the enterprise architecture family, called Security. Business architecture, information architecture and technology architecture used to be called BIT for short. Now, with security as part of the architecture family, it has become BITS.

ARCHITECTURAL ELEMENTS

The enterprise security architecture must ensure confidentiality and integrity, and align with the corporate business objectives. There are elements, priorities and concerns in developing an architecture. The elements of the enterprise security architecture aid in understanding enterprise security issues. Some of the elements are the security systems of networks, computers, middleware, databases and applications. The security architecture should address all these elements for a holistic and safe enterprise.

ARCHITECTURAL PRIORITIES

When developing an enterprise security program, a good practice is to prioritize security concerns in the following order: people, policy, and then technology. This order of priority considers job functionality and business needs as the highest priority. Security should not have a negative impact on production or the business. Policies need to be supported and enforced to provide a secure foundation for the business. Technology is the tool to provide the desired level of security.

However, in many cases this order of priority is not established or, if initially established, changes over time. Unfortunately, the following order of priority is common: technology, policy, and then people. The reason for this is that technology can be overwhelming, forcing security personnel to spend more time researching and supporting various devices, which results in losing sight of the business objectives. In addition, security personnel get heavily involved with urgent projects and relay detailed security information based on the policies, but often stray from the true business objective. Security personnel want to ensure that they do their job. It is very embarrassing to have the system compromised. The security person responsible for approving a project may be willing to sacrifice some business objectives to ensure that they are not held responsible for a security breach. In general, this is not good practice, but it is a tradeoff in many risk assessments. This is another reason for performing due diligence. Clearly stated policies within the enterprise security architecture will help avoid these types of decisions.

ARCHITECTURAL CHALLENGES

The most important challenge is the increasing pace of technological advancement and the even faster growth of attack mechanisms. Developing IT infrastructure and architectural designs will be dynamic and challenging. Apart from the technology aspect, there are also challenges from the social and management sides. It will be a difficult battle against the numerous other people in the enterprise who do not understand strategic architecture and who think that it is all to do with technology. These people will constantly challenge, attack and ridicule the system. The architecture team has to be ready to deal with this. Being a successful architect is also about being a successful communicator who can sell the ideas and the benefits to others in the enterprise. The architect needs to be educated about these issues.

Enterprise architecture cannot be achieved unless the most senior decision-makers approve. The fruits of the architectural work will be enjoyed throughout the enterprise, but only if the enterprise as a whole can begin to think and act in a strategic way. Creating this environment of acceptance and support is probably one of the most difficult tasks that one will face in the early stages of design and implementation.

ENTERPRISE SECURITY POLICY

"A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide" - Aronson, p.6

The first step in building an Enterprise Security Architecture is defining an enterprise security policy that everyone in the organization agrees to and supports. This follows a top-down approach. The top management level must abide by the policy, and then it must be enforced through all levels of management down to every user. In many cases it works as an awareness program that teaches the users. The main objective of an enterprise security policy is to provide confidentiality, integrity and availability throughout the enterprise. Only 9% of employees indicated that they understood what security policies were intended to accomplish. Two thirds of responding companies do not keep policies up to date on a regular basis. (Vance, slide 15)

The development of a security policy requires analysis of security threats, risks, vulnerabilities and countermeasures. The problem needs to be defined before jumping to the solution. One must first see what needs to be protected and then balance security against cost and business objectives. The information generated by this analysis will help in determining the classification of information and defining the enterprise security domains. A security policy is generally a brief, high-level document that uses basic terms to explain management's security concerns for the entire enterprise. It acts as a communication tool that allows management to communicate the corporate security concerns. In general, the enterprise security policy provides guidance in making strategic, architectural security decisions.

Example: Suppose a corporation has the following statement in its policy: "Corporate information must be protected to an extent and for a period commensurate with its value and the degree of damage that could result from its unauthorized disclosure or modification, misuse, destruction, or non-availability." The message in this statement is that corporate information must be protected, but it does not state any standards or measures for doing so.

DATA CLASSIFICATION

All information has varied value and is thus classified into different categories. Classification helps to identify a framework to evaluate the relative value of the information. This identification of values helps to establish the cost-effective controls that will preserve the information assets for the corporation. Data classification and risk management techniques should be balanced, thus resulting in a cost-effective mix of security disciplines and technologies. There are varying levels of data, but they should be kept to a maximum of three or four to avoid confusion. There should be a default classification category for data which cannot be classified into levels. This default category should be the most restrictive category to ensure confidentiality. Some information classifications may change over time, and the information may need to be reclassified. Here is an example of how data can be classified into three categories:

- Public information is information which can be shared with anyone, the public. There is no restriction on this kind of information. A good example is a sales brochure.
- Proprietary information is information that can be shared only within the corporation and is not shared with outside business partners because of its sensitivity, value or criticality to the corporation. Generally, the corporation is under legal contracts or bindings for the safeguard of such information. A good example is a corporation's customer information.
- Private information is information that must be shared and is accessible among several selected individuals in a corporation. If this information is leaked, it could violate an individual's privacy. Private information is time sensitive at times. A good example is information regarding a corporation buying its competitors.

SECURITY DOMAINS

The intent of using security domains is to standardize a corporation's information security program and eliminate the costs, user delays and overhead of redundant security procedures. By authenticating at the boundary of a security domain, systems do not need to authenticate users a second time. Thus, users do not need to log in multiple times. Security domains separate the enterprise network into logical, discrete entities. The enterprise security policy is applied to each domain separately and in a unique way. In other words, depending upon the kind of infrastructural elements that reside in a security domain, different standards and guidelines can be used for that particular security domain.

DOMAIN CLASSIFICATION

Almost all enterprise networks can be logically separated into the following security domains:

- A user domain consists of the physical location of the user and the type of network equipment used to access corporate information.
- A transport domain consists of the public and/or parts of the enterprise network which are used to provide connectivity to other domains.
- A bastion domain consists of web servers, mail gateways, and application gateways. Separate bastion domains consist of VPN concentrators and network access servers.
- A data domain consists of mainframes, database servers, and application servers.

Data classification should be done to determine which security domain to use for which information set. Public information can be placed in any security domain, as this information does not need much protection from intruders. Proprietary information should be stored in a data domain and may be stored in any domain as long as it is inaccessible to the public. Private information should be stored in a data security domain. There can be an exception where a corporate executive may store private information in a user domain.

Resources from multiple security domains can be virtually connected so that users can be given access to corporate information in a convenient way. Consider a remote user accessing corporate information from home. The user resides in a user security domain. The user accesses the enterprise network over a virtual private network (VPN), which is in a transport security domain. The connection is authenticated by a VPN concentrator and authorized by a network access server in a bastion security domain. Once authorized, the connection is permitted to a server in a data security domain without going through a second authentication process. In this way, all the security domains work in collaboration, providing the end user hassle-free access to the data.

TRUST LEVELS

Trust refers to the condition and resulting obligation of having confidence placed in something. In terms of enterprise security architecture, managers at times stereotype their perception: they either trust the system or have no confidence in it. However, on further research, one realizes that trust levels in a security architecture often lie in a gray area, which is referred to as variances. Variance refers to situations in which a domain is trusted only under special conditions, possibly due to residual risk. The degree of trust sought by the organization has direct repercussions on the company's cash balance. The extent to which a user is granted access to confidential information can be supervised by using elements like user authentication and user authorization.

The trust level associated with a piece of information is a continuum from public to private information. Private information requires high levels of trust and involves a high-tech security mechanism to safeguard the information. The processes of authorization and authentication determine the trust relationships that the organization wants to maintain. Authorization techniques are used to determine who has the right to access the data stored in the security domains. Trust levels, in turn, establish a standard level of authentication. Authentication techniques deal with the path that involves the requesting user's user domain, transport domain and, if applicable, bastion domain to reach the desired domain. The trust level is the criterion used to determine whether the user attempting to access the network is reliable or not, and it should be hierarchical in nature.

However, the level of trust might be similar or differ from one domain to another. For example, the foreign exchange markets network of a broker in Delhi might be similar in terms of trust levels to that of his counterpart in Mumbai. However, they are connected by means of the internet, which is an untrusted network. Now, if the broker in Delhi makes a direct request to his counterpart in Mumbai, it might be fully trusted, but if he attempts to connect via the internet, the connection will not have a very high level of trust.

TRUST LEVEL CLASSIFICATION

Trust levels specify the minimum requirements for authentication and authorization, based on the information requested and on the transport path and the resources between the user domain and the requested domain. The three trust levels are as follows:

Trust Level

- Level three: Level three constitutes the lowest level of trust. No authentication or authorization is required to access information. Hence, it is not to be trusted. This layer generally relates to public information.
- Level two: The trust associated with level two lies in a gray area, i.e. level two is considered trusted but with a variation. The variation may be due to a residual risk. In order to access the network, the programmer often enforces a user ID and password requirement for authentication and authorization of the identity of the user. This layer relates to proprietary information.
- Level one: Level one incorporates high levels of trust and faith. Novel techniques such as tokens with a personal identification number (PIN) or digital certificates are a prerequisite for authentication and authorization of the user. Many times the data is encrypted before being transmitted. This layer relates to private information.
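The data classification, domain placement and trust level rules described in the sections above can be combined into one policy check, including the remote-user case where a single authentication at the bastion domain is reused for the data domain. This is an added example, not part of the original article; the type and function names, and the rule that non-public data is never placed where the public can reach it, are assumptions of this example.

```python
from dataclasses import dataclass
from enum import Enum, IntEnum


class Classification(Enum):
    PUBLIC = "public"
    PROPRIETARY = "proprietary"
    PRIVATE = "private"


class Domain(Enum):
    USER = "user"
    TRANSPORT = "transport"
    BASTION = "bastion"
    DATA = "data"


class Auth(IntEnum):
    """Authentication strength, ordered weakest to strongest."""
    NONE = 0           # nothing presented
    PASSWORD = 1       # user ID and password
    TOKEN_OR_CERT = 2  # token with PIN, or digital certificate


# classification -> (trust level, minimum authentication); level one is highest.
POLICY = {
    Classification.PUBLIC: (3, Auth.NONE),
    Classification.PROPRIETARY: (2, Auth.PASSWORD),
    Classification.PRIVATE: (1, Auth.TOKEN_OR_CERT),
}


def classify(label):
    """Unrecognized or missing labels fall into the default category,
    which is the most restrictive one (private)."""
    try:
        return Classification(label.strip().lower())
    except (AttributeError, ValueError):
        return Classification.PRIVATE


def placement_allowed(cls, domain, publicly_accessible, executive_exception=False):
    """May data of this classification be stored in this security domain?"""
    if cls is Classification.PUBLIC:
        return True    # any domain
    if publicly_accessible:
        return False   # assumption: non-public data never sits in public reach
    if cls is Classification.PROPRIETARY:
        return True    # any domain that is inaccessible to the public
    if domain is Domain.DATA:
        return True    # private data belongs in a data domain
    # Exception from the text: an executive may keep private data in a user domain.
    return executive_exception and domain is Domain.USER


@dataclass(frozen=True)
class Session:
    """State established once, at the bastion domain."""
    user: str
    auth: Auth         # method verified by the VPN concentrator
    authorized: bool   # decision of the network access server


def access_decision(session, label):
    """Return (allowed, trust_level, reason) for a data-domain resource.
    No second authentication happens here; the bastion session is reused."""
    level, min_auth = POLICY[classify(label)]
    if min_auth is Auth.NONE:
        return True, level, "public information"
    if not session.authorized:
        return False, level, "connection was not authorized at the bastion"
    if session.auth < min_auth:
        return False, level, f"needs {min_auth.name}, session has {session.auth.name}"
    return True, level, "session meets the trust level"


if __name__ == "__main__":
    # Constructed sample: a remote user who came in over the VPN with a password.
    remote = Session("remote-user", Auth.PASSWORD, authorized=True)
    for label in ("public", "proprietary", "private", "unlabelled"):
        print(label, access_decision(remote, label))
    print(placement_allowed(Classification.PRIVATE, Domain.USER, False))
```

The unlabelled resource is denied to the password session because it defaults to private, which is the practical effect of making the default category the most restrictive one.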

TIERED NETWORKS

A tiered network refers to the mechanism of classifying networks and service providers on the basis of their capacity and size. It basically splits the network into multiple cost tiers. Tiered networks equip an organization with armor that protects it from security threats. The chances of intrusion in such a network are low, as these networks physically partition the organization's network into various tiers. In between the various tiers, adequate security infrastructure elements are placed to ensure that an intruder is unable to gain access to information residing in the organization's network. These elements filter and control access to other network tiers. Each network might consist of numerous network segments, but care must be taken that it does not include any network segments which are 'foreign' to the tier in question.

Broadly speaking, this security infrastructure comprises devices like routers and firewalls. The type of information to be shared and the degree of control over the flow of information are determined by the enterprise security policy. The features and complexity of firewalls and security devices can vary drastically, but their intention is the same, i.e. to allow permitted communications while denying intruders access to one's organization's internal network. Similarly, at the interface between the enterprise network and the production and on-air core, a switch/router with ACLs may be employed. This tiered network approach allows the CIO to deploy different levels of security in different rings.

Companies must do a cost-benefit analysis before investing in tiered networks. Since a higher level of security involves a higher cost, the highest level of security is usually employed where the data involved is of strategic importance to the organization and the information is to be protected from imposters. Similarly, data which is not very confidential can be kept in the outermost ring, as it is not cost effective for the firm to deploy many resources to protect that data.

TIERED NETWORK CLASSIFICATION

Almost all organisations which use the internet will fit into one of the three tiered networks, i.e. the Internet, the Extranet and the Intranet.

Tiered Network

INTERNET

The Internet tier comprises a network which runs all around the globe. Individual organizations have no control over the different devices connected to the network, but they can effectively limit the access that their resident devices enjoy to the internet.

EXTRANET

The Extranet tier consists of a protected extension of the corporate Intranet. An extranet is typically employed to allow access to external parties such as suppliers, vendors, etc. This extension is often protected by a demilitarized zone (DMZ). In some cases, the DMZ is the extranet tier.

INTRANET

The Intranet tier consists of the private enterprise network. As it is internal to the organization, the managers exercise full control over this network.

LAYERED ARCHITECTURE VIEWS

To understand how enterprise security architecture is created let us look at it layer wise and analyze the views of different players involved in its making. We will try to explain the architecture with an analogy to that of construction of a building.

The various views are as follows:

BUSINESS VIEW

When a new building is conceived, the owner has a set of requirements that must be met by the architecture. Each business has a different set of requirements, which can be found by analyzing the needs of the business. The following questions can be considered for analyzing the business security objectives:

- What type of system is it and for what will it be used?
- Why will it be used?
- How will it be used?
- Who will use it?
- Where will it be used?
- When will it be used?

From the analysis of the replies one receives, one should be able to gain an understanding of the business requirements for the secure system and should be able to synthesize a system architecture and a security architecture that meet those requirements. Any attempt to define an architecture that takes a short cut and avoids this essential step is very unlikely to be successful. Even so, simple observation reveals that many enterprises undertaking architectural work do not take this stage seriously. It seems to be such obvious common sense that one must first understand the requirements, and yet so few people seem to know how to approach architecture development in the information systems arena. Unfortunately, many technologists and technicians believe that they already know the requirements, even though they have a poor relationship with those who might express these requirements. For many years the business people have been complaining that the information systems people are unable to deliver what the business needs, and that ICT is a serious source of cost with very little tangible benefit to show for it. The reason is simple: the business people are right. ICT vendor interests and technical innovations often drive business systems development strategy, rather than it being driven by business needs. We can take the following model for a proper understanding of the needs:

- What? The business, its assets to be protected (brand, reputation, etc.) and the business needs for information security. In terms of the highest level of information architecture, this is expressed as business decisions, along with business goals and objectives.
- Why? The business risks, expressed in terms of business opportunities and the threats to business assets. These business risks drive the need for business security.
- How? The business processes that require security should be identified, and an appropriate design should be made to ensure security.
- Who? The organizational aspects of business security (governance and management structures, supply chain structures, out-sourcing relationships, strategic partnerships), including a definition of the extended enterprise, which includes all business partners and external relationships.
- Where? The business geography and location-related aspects of business security should be considered, and a plan should be designed that falls in line with the constraints.
- When? The business time-dependencies and time-related aspects of business security, in terms of both performance and sequence, should be taken into consideration. The security structure should change not only with changes in the requirements of the enterprise but also with the advent of new technology.

ARCHITECT'S VIEW

An architect is a creative person with a grand vision. Architects thrive on challenging business requirements. They prepare the way for more detailed work later on, when other people with different types of expertise and skill will fill in the gaps with fine details. The architect's view is the overall concept by which the business requirements of the enterprise may be met. Thus, this layer is referred to as the conceptual security architecture. It defines principles and fundamental concepts that guide the selection and organization of the logical and physical elements at the lower layers of abstraction. When describing the enterprise security architecture, this is the place to describe the security concepts and principles that will be used. These include:

- What you want to protect: This profile provides the primary requirements engineering tool by which business requirements can be captured in a normalized, standardized form.
- Why the protection is important: in terms of control and enablement objectives. Control and enablement objectives are derived directly from an analysis of business operational risks (this risk assessment being made against the Business Attributes Profile, the proxy assets) and are a conceptualization of the business motivation for security.
- How you want to achieve the protection: in terms of high-level technical and management security strategies and a process-mapping framework through which to describe business processes. These strategies set out the conceptual layered framework for integrating individual tactical elements at the lower levels, ensuring that these fit together in a meaningful way to fulfill the overall strategic goals of the business. Such strategies may include: the strategy for applications security; the network security strategy; the public key infrastructure (PKI) strategy; the role-based access control (RBAC) strategy; and so on. For every major area of the business requirements identified in the contextual security architecture, there will be a security strategy (or group of strategies) that supports it.
- Who is involved in security management: in terms of roles and responsibilities and the type of business trust that exists between the parties, including asset owners, custodians and users, and service providers and service customers. The important trust concepts are concerned with the various policy authorities that govern trust within a domain, the policies that they set to govern the behavior of entities in each of those domains, and the inter-domain trust relationships.
- Where you want to achieve the protection: conceptualized in terms of a security domains framework. The important concepts here are security domains (both logical and physical), domain boundaries and security associations.
- When is the protection relevant: expressed in terms of a business time-management framework. The important concept is the through-life risk management framework.

THE DESIGNER'S VIEW

The designer takes over from the architect. The designer has to interpret the architect's conceptual vision and turn it into a logical structure that can be engineered to create a real building. The architect is an artist and visionary, but the designer is an engineer. In the world of business computing and data communications, this design process is often called systems engineering. In terms of architectural decomposition down through the layers, the logical security architecture should reflect and represent all of the major security strategies in the conceptual security architecture. The logical security architecture is concerned with:

- What? Business information is a logical representation of the real business. It is this business information that needs to be secured.
- Why? Specifying the security and risk management policy requirements (high-level security policy, registration authority policy, certification authority policy, physical domain policies, logical domain policies, etc.) for securing business information.
- How? Specifying the logical security services (entity authentication, confidentiality protection, integrity protection, non-repudiation, system assurance, etc.) and how they fit together as common reusable building blocks into a complex security system that meets the overall business requirements. The logical flow of security services is also specified in terms of process maps, and a functional specification describes the required functionality.
- Who? Specifying the entities (users, security administrators, auditors, etc.) and their interrelationships, attributes, authorized roles and privilege profiles in the form of a schema, and the trust that exists between them in the form of a trust framework.
- Where? Specifying the security domains and inter-domain relationships (logical security domains, physical security domains, security associations).
- When? Specifying the security-related calendar and timetable in terms of start times, deadlines and lifetimes (such as for registration, certification, login, session management, etc.).

THE BUILDER'S VIEW

The designer of the building hands over the work process to the builder or constructor. The builder is someone who can take the logical descriptions and drawings and turn these into a technology model that can be used to construct the building. It is the builder's role to choose and assemble the physical elements that will make the logical design come to life as a real construction. This view is therefore also referred to as the physical security architecture. In the world of business information systems, the designer produces a set of logical abstractions that describe the system to be built. These need to be turned into a physical security architecture model that describes the actual technology model and specifies the detailed design of the various system components. The logical security services are now expressed in terms of the physical security mechanisms and servers that will be used to deliver these services. In total, the physical security architecture is concerned with:

What? - Specifying the business data model and the security-related data structures (tables, messages, pointers, certificates, signatures, etc.).
Why? - Specifying rules that drive logical decision-making within the system (conditions, practices, procedures and actions).
How? - Specifying security mechanisms (encryption, access control, digital signatures, virus scanning, etc.) and the physical applications, middleware and servers upon which these mechanisms will be hosted.
Who? - Specifying the people dependency in the form of the human interface (screen formats and user interactions) and the access control systems.
Where? - Specifying security technology infrastructure in the form of the host platforms and the networks (physical layout of the hardware, software and communications lines).
When? - Specifying the physical time management in terms of the timing and sequencing of processes and sessions (sequences, events, lifetimes and time intervals).

THE TRADESMAN'S VIEW

When the builder plans the construction process, s/he needs to assemble a team of experts in each of the building trades that will be needed: the bricklayer, the plasterer, the electrician, the plumber, the carpenter, and so on. Each one of these brings some very specific production skills and some very specific products to the overall construction process. So it is in the construction of information systems. The builder needs to assemble and install a series of products from specialist vendors, and a team with the integration skills to join these products together during an implementation of the design. Each of the installers and integrators is the equivalent of a tradesman, working with specialist products and system components that are the equivalent of building materials and components. Some of these trades are hardware-related, some are software-related, and some are service-oriented. The tradesmen work with a series of components that are hardware items, software items, and interface specifications and standards. Hence this layer of the architectural model is also called the component security architecture. The component architecture is concerned with:

What? - ICT components such as ICT products, including data repositories and processors.
Why? - The risk management-related tools and products such as risk analysis tools, risk registers, risk monitoring and reporting tools.
How? - Process tools and standards (tools and protocols for process delivery, both hardware and software).
Who? - Personnel management tools and products (identities, job descriptions, roles, functions, actions and access control lists).
Where? - Locator tools and standards (nodes, addresses, and other locators).
When? - Step timings and sequencing tools (time schedules, clocks, timers and interrupts).

SERVICE MANAGER'S VIEW

When the system is implemented, those who designed and constructed it move out, but someone has to run the building during its lifetime. Such a person is often called the facilities manager or service manager. The job of the service manager is to deal with the operation of various services, maintaining them in good working order, and monitoring the performance against requirements. The framework for doing this is called the service management security architecture. It is concerned with the following:

What service delivery management tries to achieve: assurance of operational continuity, excellence of the business systems and maintaining the security of operational business data and information.
Why operational risk management is necessary: risk assessment, monitoring, reporting and risk treatment help to minimize operational failures and disruptions.
How process delivery management happens: by management and support of systems, applications and services.
Who handles personnel management: account provisioning and user support management for the security-related needs of all users and their applications, including business users, operators, administrators, etc.
Where: Management of the environment: management of buildings, sites, platforms and networks.
When: Management schedule: managing the security-related calendar and timetable.

INSPECTOR'S VIEW

There is another view of security in business information systems, the Inspector's View, which is concerned with providing assurance that the architecture is complete, consistent, robust and fit-for-purpose in every way. In the realm of information systems security this is the process of security auditing carried out by computer auditors or systems quality assurance personnel. The existence of such an architecture is one of the ways in which the auditors will establish that security is being applied in a systematic and appropriate way. The framework itself can provide a means by which to structure the audit process. In addition, security audit and review is addressed as one of the major strategic programmes within the security service management architecture associated with the conceptual layer.

GOVERNOR'S VIEW

Another view of information security management is the Governor's View. This has similarities with the Inspector's View in that it is pervasive throughout the entire security framework, all of which needs to be governed. Here, people deal directly with governance and management, and their motivation deals specifically with risk management, policy-making, and monitoring and reporting compliance with policy. These two areas of the framework are the main thrust of the Governor's influence over the information security management programme as a whole.

METHODOLOGY

In any business today, the security of commercial data is one of the most vital concerns. Information security is of utmost importance for ensuring the integrity and safety of customer data and for remaining competitive, backed by superior business intelligence. Any security architecture should take into consideration the objectives and strategies of the organization, and the importance of the free flow of information within an organization and with customers and partners.

A strong enterprise information security architecture helps answer the following basic questions:
1) What is the information security risk posture of the organization?
2) Will the current security architecture support or hinder the achievement of the organization's future goals?
3) How might the security architecture be changed and modified so that it adds more value?
4) Is the current architecture supporting the organizational security?

Implementing an enterprise information security architecture generally commences with documenting the organization's strategy and other necessary details, for example how and where it operates. Then we come down to documenting discrete core competencies, business processes, and how the organization interacts with itself and with external parties such as customers, suppliers, and government entities. After having documented the organization's strategy and structure, the architecture process then flows down into the following IT components:
1) Organization charts, activities, and process flows of how the IT organization operates
2) Organization cycles, periods and timings
3) Suppliers of hardware, software technology, and services
4) Applications and software inventories and diagrams
5) Interfaces between applications, i.e. events, messages and data flows
6) Intranet, Extranet, Internet, e-Commerce, EDI links with parties within and outside of the organization
7) Data classifications, databases and supporting data models
8) Hardware, platforms, hosting: servers, network components and security devices and where they are kept
9) LAN and WAN, Internet connectivity diagrams

At all times, the above should be related explicitly to the organization's strategy, goals and processes. The ESA will document the present state of the technical security components listed above, along with a desired future state, and finally arrive at a "Target" future state which is the result of engineering compromises and tradeoffs versus the ideal state. The result obtained is a nested and interrelated set of models, usually managed and maintained with specialized software. Any organization should design and implement a process that ensures a continual shift from the current to the future state. The future state will be obtained through a combination of one or more of the following:
1) Closing gaps that are present between the current organization strategy and the ability of the IT security dimensions to support it.
2) Closing gaps that are present between the desired future organization strategy and the ability of the security dimensions to support it.
3) Necessary upgrades and replacements that must be made to the IT security architecture based on supplier viability, age and performance of hardware and software, capacity issues, known or anticipated regulatory requirements, and other issues not driven explicitly by the organization's functional management.
4) On a regular basis, the current state and future state are redefined to account for evolution of the architecture, changes in organizational strategy, and purely external factors such as changes in technology and customer/vendor/government requirements, and changes to both internal and external threat landscapes over time.

SECURITY ASSESSMENT

Assessments are an essential component of the security architecture as they help an organization to evaluate the effectiveness of the architecture. For the assessment, an organization can form a cross-functional team consisting of the following:
1) SMEs who will be responsible for the architecture's daily security.
2) Operations management and IT staff who will be responsible for supplying the IT infrastructure that supports the organization.
3) System and network administrators familiar with the IT environment and responsible for implementing much of the technical element of the security architecture.
4) Business process and information owners who use the security architecture and perform a key role in the security architecture's successful operation.
5) Legal and human resources staff with knowledge of legal, regulatory, and personnel issues and concerns.

After the information is gathered from those responsible for each component or activity, the auditors start the assessment. Besides that, auditors should also enquire about the following factors:
1) Common industry risks such as corporate espionage.
2) Risks which an individual organization faces, e.g. use of Windows OS or Linux or Mac.
3) The methodology used in the design and operation of the organization's security architecture.
4) Frameworks published by professional organizations and academic researchers.

In addition, the architecture is simplified further into manageable pieces. To do this, auditors review the documented procedures for completeness, so that they are aligned with the established standards in accordance with the business needs.

RELATIONSHIP TO OTHER DISCIPLINES

As already discussed in the above sections, security is one of the major concerns of any company. Enterprise Security Architecture acts as a major asset for any organization with respect to information security. Today, an Enterprise Security Architecture is required in most organizations to manage and monitor the IT systems more effectively. In today's competitive world, enterprises have become highly dependent on information technology to support daily operations every working minute. Gone are the times when IT was used as a tool to make manual processes effective and cost efficient, and could be substituted by manual processes whenever the technology was unavailable. The current information technology systems in enterprises are the key driver of business processes. When there is a failure of technology, the whole business fails. In case of a long failure of technology, the company is vulnerable to revenue losses. The main benefit of Enterprise Security Architecture can be mapped to the benefits of IT architecture: cost effectiveness through standardization. The cost effectiveness advantage arises from the re-use of controls specified in the architecture, but this has more impact than just the cost of architecture implementation. Some of the advantages are:
1. Simpler and cheaper implementation attributed to economies of scale
2. Re-use of management interfaces
3. Effective compliance checking
4. Simpler measurement of effectiveness
5. Higher rate of implementation of standards
6. Re-use of skills of employees
7. Quicker project approvals

In addition to all the advantages that Security Architecture offers to a large multinational firm, it helps industry experts share a common understanding and become familiar with the terminology used. In the case of an enterprise with complex systems, the Security Architecture is highly important for the employees working on different sub-platforms, to make them realize the employees' contribution to the product and the contribution that the product must make.

CONCLUSION

Security policies are based on the basic essential aspect of a business: safeguarding information. Data which is important for continuing the operation of a business should be protected, and such data deserves protection. The security policies and the architecture define the extent of protection of these assets. The security methodology of any information system is developed on an effective and efficient Enterprise Security Architecture model and the protocol/method of delivery. An Enterprise Security Architecture approach provides the required technical insight, implementation plan, verified processes and other assets required to ensure the correct limit of risk management in a firm, based on the firm's unique and targeted goals. The architecture should be built taking into consideration the requirements of the entire enterprise, helping to confirm that all aspects of information security are considered, from the main and auxiliary systems, software and hardware packages to all communication systems and points of connection.

It is right to say that the Enterprise Security Architecture Model provides a systematic and unified structure to assist organizations in judging and testing their existing information systems infrastructure, creating a protocol for developing improvements and, finally, an avenue to execute the recommended improvements. An Enterprise Architecture model does not just give the company an implementation plan or a security solution. It takes the organization through the complete implementation process, starting from scratch, from design and configuration to integration, testing and final production.
