Packed with lessons learned over a 40 year career, Secured By Design (eBook) format offers methods for securing the entire stack from prying eyes. Securing the complete stack can be a hairy process without good processes and procedures are in place.
This book is a composition of Best Practices and lessons learned over 40 years in the technology business. Almost every day we hear about another hack and theft of a companies data. Thefts include private information collected by these systems through online stores. Topics covered include encryption both at rest and over the wire. We also discuss preventive maintenance, monitoring, and reporting for each item in the stack. To be clear, compromising systems is an ongoing challenge for any company and topics covered in this book are a great place to start.
Also covered are methods for collecting and processing data necessary for reporting, Governance, and providing proactive knowledge when someone is after your data. Hacks are described and chilling examples are available detailing how IT happened. Many examples sound like common sense or “I knew that”, but some of the most destructive intrusions happened because of poor maintenance of IT systems for whatever reason.
What this book is NOT intended to do is cast dispersions on the fine professionals who spend countless hours managing systems. System management is a lot of work requiring teams of people. Even with automation, today’s larger, faster systems are voracious consumers of human resources. Hardware complexity has increased into a different paradigm and those changes make it easy to miss something. It is those “missing somethings” that are often exploited forcing companies into reactionary or containment mode.
The Secured By Design (eBook) is a long read. eBook format allows you to evaluate challenges and options on the road. The decision was made early to include the entire technology stack. Securing the entire technology stack is mandatory. One common reason given for not patching the stack was misbelief all pillars are not as vulnerable to attack from the inside and outside and obtaining approval to patch can be difficult.
Hacks are described and chilling examples are available detailing how IT happened. Many examples sound like common sense or “I knew that”. Deferred patching somewhere in the stack happens for whatever reason. In many cases, processes and procedures did not keep up with the rate of change. Other issues involved in obsolete equipment.