10 Essential Digital Security Processes
Transcript of 10 Essential Digital Security Processes
Computer insecurity is inevitable, and technology
alone cannot save us. We also need to implement and follow secure processes.
Here are 10 essential processes every organization
should follow.
1. Compartmentalize
Follow the principle of least privilege: only give people the privileges (e.g. server access) they need to do their job.
2. Secure the weakest link
Look at the entire vulnerability landscape and create an attack tree: find the weakest link and secure it. Then worry about the next weakest link and so on.
3. Use choke points
A choke point forces users into a narrow channel, one that you can more easily monitor and control. Firewalls and login screens are examples.
4. Provide defense in depth
This is about creating layers of security, such as a firewall combined with an intrusion detection
system and strong cryptography.
5. Fail securely
Systems should fail in such a way as to be more secure, not less. (For example, if an ATM’s PIN verification system fails, it should fail in such a way as to not spit money out the slot.)
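As an added illustration of the ATM case (example code written for this page, not from the deck or from Schneier's book; the card number, PIN and in-memory PIN store are constructed), the fail-open verifier beside its fail-closed form:

```python
"""Fail-open vs fail-closed PIN verification (added example, not from the deck)."""
import hashlib
import hmac

# Constructed sample: card number -> (salt, salted SHA-256 of the PIN).
# A toy stand-in for the bank's PIN store, not a real HSM protocol.
PIN_DB = {"4111": ("salt1", hashlib.sha256(b"salt1" + b"1234").hexdigest())}


class BackendError(Exception):
    """Raised when the PIN store is unreachable or returns garbage."""


def lookup_pin_hash(card, *, backend_up=True):
    """Simulated PIN-store lookup; backend_up=False models an outage."""
    if not backend_up:
        raise BackendError("PIN store unreachable")
    return PIN_DB.get(card)


def pin_matches(card, pin, *, backend_up=True):
    """True only if the card exists and the PIN hash matches (constant-time compare)."""
    record = lookup_pin_hash(card, backend_up=backend_up)
    if record is None:
        return False
    salt, expected = record
    candidate = hashlib.sha256(salt.encode() + pin.encode()).hexdigest()
    return hmac.compare_digest(candidate, expected)


def authorize_fail_open(card, pin, *, backend_up=True):
    """Weak design: a verification error is treated as 'verified' and cash is dispensed."""
    try:
        return pin_matches(card, pin, backend_up=backend_up)
    except BackendError:
        return True  # BUG: an outage of the PIN store becomes a free withdrawal


def authorize_fail_closed(card, pin, *, backend_up=True):
    """Secure design: any error in verification counts as a failed check."""
    try:
        return pin_matches(card, pin, backend_up=backend_up)
    except BackendError:
        return False  # keep the cash; log the outage and alert out of band
```

Only the returned decision differs between the two functions, and only on the error path, which is exactly where fail-open designs get exploited.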
6. Leverage unpredictability
There’s no reason to broadcast your network topology to everyone who asks. If networks are unpredictable, attackers won’t be able to wander around so freely.
7. Embrace simplicity
A system is only as secure as the weakest link, so a system with fewer links is easier to secure.
8. Enlist the users
Security measures that aren’t understood and agreed to by everyone don’t work. Enlist their support as much and as often as possible.
9. Assure
What we really need is assurance that our systems work properly.
This involves a structured design process, detailed documentation, and extensive testing.
10. Question
Constantly question security. Question your assumptions and
decisions. Question your trust and threat models.
Keep looking at your attack trees. Trust no one, especially yourself.
Find out how to build secure systems in Secrets & Lies: Digital Security in a Networked World, by Bruce Schneier.