Friday, December 26, 2014

Are You Concerned About the Security of Your Business?

You should be, which is why you should buy “Designing and Building a Security Operations Center”. What is an operations center? Think of NASA, such as in a movie or real life for that matter. So what about an SOC? A Security Operations deals more with security than other operations of a business. You will have specialists, such as people who deal with communications, telephony, and web services. But they will be a team, with a manager and they will work together, rather than as just one person. Although I think there may be instances in a very small business, such as a web-based business where there is only one employee, who also is the owner, and whatever else is needed. Many hats, one person. But as that person expands in business, they will possibly have an SOC. If they don’t, I seriously think they definitely should. Because when you have a business and sell anything online, or even a physical, brick and mortar store, you still need security. You have to protect your clients’ information.
There have been an awful lot of stories in the news whose credit/debit card transactions were compromised, and at least one even had the money rerouted to somewhere else. (Of course, I could have misunderstood this story.) It went on for quite a while. I would think they would have caught this long before they did. Where was the SOC then? Did they even have one? Shame on them if they didn’t. I personally have no idea if they did or did not have an SOC.
If you follow the directions in this book, then you have no excuse for not having an SOC. In this book, there are three appendixes. Each one serves a purpose. In Appendix A, you will see common types of attacks, also entry points and threat vectors. Appendix B deals with security devices, while Appendix C deals with the types of functions and services you can utilize in an SOC. Copied and pasted from Appendix C:
Each service can be provided in one or more of five categories:
• Network
• Host
• Application
• Data
• Intelligence
As you can see from the above list, this book is comprehensive in dealing with an SOC. I recommend this book to anyone who is concerned with security and would to tighten up their security measures.


No comments: