About security architecture and framework
This is an article about security architecture and framework.
hello!
This time, we will learn about security architecture and framework.
Before starting the writing in earnest,
—Today’s TMI—
Wow, I watched the LCK tournament today and it was really exciting..!
I really respect the MVP ‘Giin’, including those ranked 10th and 1st in the team rankings!
I look forward to your future actions as well. Congratulations~!
—TMI End—
Let’s get back to writing!
Security architecture and frameworks are important concepts used to build and manage the security of an organization or system.
In this article, we will look at the concepts and examples of administrative, physical, and technical security.
Administrative Security Administrative Security
Administrative Security Administrative security refers to managing security through organizational policies, procedures, and regulations.
Key administrative security examples include:
- Security Policy: A document that defines the principles and guidelines for security within an organization. For example, password policies, access control policies, etc.
- Education and awareness training: Activities to provide security training to employees and increase awareness of security.
- Risk assessment and management: This is an activity that evaluates the security risks of the system and establishes appropriate response plans.
Physical Security
Physical security refers to protecting physical devices and facilities to ensure security.
Key physical security examples include:
- Access control: A system that restricts and monitors access to people entering a building or facility. Access cards, biometrics, etc. may be used.
- CCTV and detection system: A system that monitors and recognizes activities inside and outside the facility through CCTV cameras and a motion detection system.
- Fire and disaster preparedness: This is a system that protects facilities against fire and natural disasters. For example, fire extinguishers, emergency exits, etc.
Technical Security
Technical security means using technological methods to protect systems and data.
Key technical security examples include:
- Encryption: This is a technology that encrypts data and protects it from illegal access from outside. A representative example is website encryption using SSL/TLS protocols.
- Firewall: A system that controls communication between external and internal networks and blocks illegal access.
- Intrusion Detection System (IDS) and Intrusion Prevention System (IPS): Systems that detect and block malicious activity within a network.
Conclusion
Security architectures and frameworks provide a way to build and maintain security by comprehensively considering these administrative, physical, and technical security elements.
It is important to use them in combination to suit each organization or system.
thank you