What & Why?
The objective of enterprise security architecture is to provide the conceptual design of the network security infrastructure, related security mechanisms, and related security policies and procedures. The enterprise security architecture links the components of the security infrastructure as one cohesive unit. The goal of this cohesive unit is to protect corporate information.
This structured approach saves time, resources, and money by providing guidelines to reduce the repeated security practices and processes that should be performed with each IT project. A strategic and effective enterprise security architecture of today needs to be based on "Defense in Depth" which is a concept used to describe layers of defense strategies. The components at each layer work in tandem to provide one cohesive security mechanism.
It is commonly seen of many corporate organizations that information security solutions are often designed, acquired and installed on a tactical basis. A requirement is identified, a specification is developed and a solution is sought to meet that situation. In this process there is no opportunity to consider the strategic dimension, and the result is that the organization builds up a mixture of technical solutions on an ad hoc basis, each independently designed and specified and with no guarantee that they will be compatible and interoperable.
There is often no analysis of the long-term costs, especially the operational costs which make up a large proportion of the total cost of ownership, and there is no strategy that can be identifiably said to support the goals of the business.
intiGrow helps organizations avoid these piecemeal problems by assisting in the development of an enterprise security architecture which is business-driven and which describes a structured inter-relationship between the technical and procedural solutions to support the long-term needs of the business. If the architecture is to be successful, then it must provide a rational framework within which decisions can be made upon the selection of security solutions.
intiGrow will derive the decision criteria from a thorough understanding of the business requirements, including - the need for cost reduction, Modularity, Scalability, Ease of component re-use, Operability, Usability, Inter-operability both internally and externally, Integration with the enterprise IT architecture and its legacy systems.