Approach to security architecture design implementation

To protect information assets and ensure their confidentiality, integrity and availability, a secure architecture has to be designed and implemented, with its components integrated with each other and configured in a manner relevant to the organization. We look at some of the factors that need to be considered while designing your security architecture.

As more and more businesses adopt information technology to increase productivity and efficiency, the value of an organization's information assets increases. The loss caused to an organization by damage to its information assets would be tremendous. A comprehensive risk assessment exercise would help assess the potential losses and create a case for security architecture.

To protect information assets and ensure their confidentiality, integrity and availability, a secure architecture has to be designed and implemented, with its components integrated with each other and configured in a manner relevant to the organization. Of course, ongoing management of the security components is another matter altogether.

Various aspects need to be taken into consideration while designing a security architecture. Some of these are:

  • Business requirements
  • Inputs from Risk Assessment & Gap Analysis
  • Existing IT architecture including
    • Various operating systems
    • WAN topology
    • LAN Topology
    • Network protocols
    • Network Devices
    • Applications & Databases
  • Existing security components
  • The organization's security policy and existing processes

Based on these inputs the potential security gaps need to be identified. Subsequently, various design options to minimize and manage the risks posed by the security gaps must be identified and evaluated.

Of course, commercial considerations should also be taken into account, and a security road map must be prepared to phase the implementation and manage cash outflow. This ensures that critical concerns are addressed on a priority basis.

Various products that address the requirements must then be identified and evaluated. One key aspect that must be kept in mind at this stage is how the various products integrate with each other. Some of the usual products are:

  • Firewalls
  • Anti-Virus and Content Vectoring solutions
  • Intrusion Detection Systems, both host based and network based
  • Vulnerability Assessment and management tools
  • Two-Factor Authentication
  • Directory Services and Single Sign On
  • Implementation of secure protocols such as SFTP, SSH
  • Public Key Infrastructure and Digital Signatures

Once the products are identified, a detailed implementation and rollout plan must be prepared to ensure that there is no disruption of services. The various components must then be implemented and tested as per the plan.

The ongoing monitoring and management of these security components is critical to their proper functioning. Implementing security components without proper ongoing management can give a false sense of security, which could turn out to be dangerous.

An effective approach to Designing and Implementing Security Architecture

Benefits to the Customer

Implementing a secure architecture offers the following advantages to the customer:

  • Minimizes / mitigates the risks posed by security incidents
  • Technology components to ensure compliance with security policy
  • Educated users who can use, administer and maintain the system on an ongoing basis

 


  

Copyright 2003-2004 Net ProActive Services. All Rights Reserved