Cybersecurity program


Running Head: SECURITY ARCHITECTURE 1


Student Name

School NAME

Date

TABLE OF CONTENTS

1.0 Introduction

2.0 Identify all types of data and sensitive data the organization will store

3.0 Define where that information is stored

4.0 Hardware and software devices in your network

5.0 How the security controls are positioned and how they relate to the overall systems architecture

6.0 Define security attacks, mechanisms, and services, and the relationships between these categories

7.0 Specify when and where to apply security controls

8.0 Present in-depth security control specifications

9.0 Restricting access, layering security, employing authentication, encrypting storage, automating security, and IT infrastructure

10.0 Full scope of policy, procedural, and technical responsibilities

11.0 Reference

Security architecture is an overall term for the system required to protect an organization’s IT infrastructure. The security design addresses the necessities and potential risks involved in a given scenario or environment. Security architecture translates business requirements into executable security requirements and protects the organization from security threats (Kamatchi, 2012). An ethical reason may warrant tougher restrictions on the individuals who can access the organization's personal information, especially when it pertains to property rights or individual privacy.

Identify all types of data and sensitive data the organization will store

Sensitive data is information, whether in physical or electronic form, that must be protected and kept inaccessible to outside parties unless they are specifically granted permission. The information that will be stored by the organization includes (Kamatchi, 2012):

Intellectual property, IT service information, contact information and documents, visas and other travel documents, social security numbers, identifiable human subject research, patients' health data, trade secrets, industry-specific data, confidential information, potentially identifiable data, credit card details, and more.

Define where that information is stored.

Copies of the personal data are stored in separate locations from the original and are kept to a minimum to reduce the risk of disclosure. The information is also stored on USB drives, external hard drives, desktop computers, external servers, laptops, tablets, and smartphones. This information should be encrypted using strong passwords or passcodes, and it is responsibly managed and regularly reviewed by IT professionals to prevent access by unauthorized parties.

Hardware and software devices in your network

Hardware devices in the healthcare organization include a central processing unit (CPU), printers, monitors, hard drives, computer data storage, and others. Software in the healthcare setting includes Virtru Email and Data Encryption, Electronic Health Record (EHR) software, medical database software, medical research software, medical diagnosis software, medical imaging and visualization software, and telemedicine.

How the security controls are positioned and how they relate to the overall systems architecture

Security architecture is a design artifact that describes how the security controls are positioned and how they relate to the system architecture (Almuairfi & Alenezi, 2020). These controls maintain the quality attributes of the system, such as confidentiality, availability, and integrity. There are guidelines to follow before security controls are implemented. First, assess the size of the organization to help IT personnel identify the controls that should be implemented to mitigate existing challenges. Other guidelines include determining the scope of the IT infrastructure and the security levels of IT assets and information systems, and confirming investments in cybersecurity.

Define security attacks, mechanisms, and services, and the relationships between these categories

A security attack is unauthorized access to, damage to, or exposure of a user's systems without their consent. Security mechanisms are the techniques and technical tools used to implement security services. Examples are digital signatures and access control. Security services are the services used to implement security policies, and they are implemented by the security mechanisms. Examples include authentication, confidentiality, authorization, non-repudiation, and source authentication. These three categories are closely related because a security mechanism is used to implement security services that protect a user's system from security attacks (Kamatchi, 2012).

Specify when and where to apply security controls

Security controls should be used at all times, as long as technology is used to run operations within the organization (Almuairfi & Alenezi, 2020). Security controls are used to avoid, detect, counteract, or reduce security risks to computer systems, physical property, servers, or other technology assets.

Present in-depth security control specifications

Security controls are categorized into three subdivisions: physical security, management security, and operational security. Physical security control is the protection of personal information from any physical threat that could damage, harm, or disrupt operations (Almuairfi & Alenezi, 2020). Operational security control concerns the effectiveness of individual controls, which include authentication and the security topologies applied to applications, networks, and systems. Management security control is the overall technique for user controls; it offers guidance, rules, and procedures for applying a security environment.

Restricting access, layering security, employing authentication, encrypting storage, automating security, and IT infrastructure

Restricting access: This is a service used in security architecture in which system users are denied access to one or more features of operating levels.

Layering security: Layering security refers to the use of multiple components in a security system to protect operations on multiple layers or levels. This approach to network security aims to ensure that every individual defense component has a backup to counter any flaws or gaps in the other defenses (Rudra & Vyas, 2015).

Employing authentication: Authentication is one of the methods used by organizations and companies to protect users' information. A straightforward process, user authentication consists of identification, authentication, and authorization.

Encrypting storage: This is the encryption of information both in transit and on the storage media. It is one of the best ways to ensure data remains secured if it is lost.

Automating security: This is the machine-based execution of security actions, with the power to programmatically detect, investigate, and remediate cyberthreats with or without user intervention by identifying incoming threats, triaging and prioritizing alerts as they emerge, then responding to them in a timely fashion (Rudra & Vyas, 2015).

IT infrastructure: This is described as the composite hardware, software, network resources, and services required for the existence, operation, and management of an enterprise IT environment.

Full scope of policy, procedural, and technical responsibilities

Security policies and procedural roles are crucial in the security architecture because they help in addressing cyber threats and in implementing strategies for how threats can be mitigated and how to recover from threats that could have exposed the organization's data.

Reference

Almuairfi, S., & Alenezi, M. (2020). Security controls in infrastructure as code. Computer Fraud & Security, 2020(10), 13-19.

Kamatchi, R. (2012). Security Visualization Collaborative Security Framework for Service Oriented Architecture. International Journal of Modeling and Optimization, 558-562.

Rudra, B., & Vyas, O. (2015). Investigation of security issues for service-oriented network architecture. Security and Communication Networks, 9(10), 1025-1039.

Soltani, D. (2020). Network security in the OSI model. SSRN Electronic Journal.