One-sided look: (A short tale on) Infrastructure Security
Security, as they may say especially from specialists, without doubt has great impact to stakeholders and organizations that wants all its assets, except those of meant to be public, be protected at all times or when it is warranted.
In the case of a critical information infrastructure, there might be a one-sided answer that IT specialists would at first hand consider before dealing on any other security solutions. Look at how internetworks is link on one end to the other. There are many different ways a multiple network sites could be interconnected, most popularly through the Internet, however the choice still depends on the kind of data that flows through it. Say at Qwerty Auto Elec Company (QAEC in short, fictitious organization name only), the riches and biggest, wanted all of its domestic and international offices linked altogether and must be secured without regard to drawbacks. It does not want its information leaked, no unauthorized access and ingress attacks (e.g. DOS) on the physical and logical layer of the network, et al. Considering no internal misconduct or conspiracy will happen QAEC wanted to achieve a 99.999 if not 100 percent network stability, at least, for a certain time period.
The combination of firewall, VPN and cryptography, to support the security of a large and geographically diverse computing processes, are worthy of the requirements, still, they may only be second to how the network infrastructure is designed and erected. With the initial specification QAEC has laid out, it may need a confined circuit and shall not be interfaced to and from the public Internet. It would require the telco to install it just like how a local area network is rendered or even better, if any.
It might be too costly (at the start) for QAEC to pursue on this direction but the integrity, confidentiality, availability and genuinness of the information is more important over anything else with respect to the interest (where the whole world watch and can be one) of the stakeholders.
The said criteria might also be true to other settings where stability during the event and unploughed information system is expected.
In the case of a critical information infrastructure, there might be a one-sided answer that IT specialists would at first hand consider before dealing on any other security solutions. Look at how internetworks is link on one end to the other. There are many different ways a multiple network sites could be interconnected, most popularly through the Internet, however the choice still depends on the kind of data that flows through it. Say at Qwerty Auto Elec Company (QAEC in short, fictitious organization name only), the riches and biggest, wanted all of its domestic and international offices linked altogether and must be secured without regard to drawbacks. It does not want its information leaked, no unauthorized access and ingress attacks (e.g. DOS) on the physical and logical layer of the network, et al. Considering no internal misconduct or conspiracy will happen QAEC wanted to achieve a 99.999 if not 100 percent network stability, at least, for a certain time period.
The combination of firewall, VPN and cryptography, to support the security of a large and geographically diverse computing processes, are worthy of the requirements, still, they may only be second to how the network infrastructure is designed and erected. With the initial specification QAEC has laid out, it may need a confined circuit and shall not be interfaced to and from the public Internet. It would require the telco to install it just like how a local area network is rendered or even better, if any.
It might be too costly (at the start) for QAEC to pursue on this direction but the integrity, confidentiality, availability and genuinness of the information is more important over anything else with respect to the interest (where the whole world watch and can be one) of the stakeholders.
The said criteria might also be true to other settings where stability during the event and unploughed information system is expected.
Comments