SlideShare a Scribd company logo

Defense Foundation Technology Business Brief

W
wdjohnson1

This is a business brief about the Defense Foundation Technology and why it different.

1 of 4
Download to read offline
FOUNDATION MANAGEMENT FOR SECURITY What is Foundation Management Security? Foundation Management addresses security at all levels of IT infrastructure in a bottom-up approach that encompasses all possible modes of opera- tion. This is a distinct departure from traditional security practices that are built from a top-down perspective with the assumption that security only applies to the IT infrastructure when that infrastructure is available on the normal network. Foundation Manage- ment builds from the Bottom-up of IT archi- tecture, starting with the high authority, privileged interfaces in the Component layer of IT. Yet the nature of IT infrastructure presents a challenge to the top-down se- curity model. For example, a security breach at the systems layer automati- cally compromises the applications layer—and a security breach at the component layer automatically compromises both the systems and applica- tions layers. Foundation Management addresses this security dependency in the IT in- frastructure-and its inverted pyramid relationship-thereby addressing a number of security considerations that have been left out of enterprise se- curity models and strategy to date.
FOUNDATION MANAGEMENT FOR SECURITY What Problems does it Solve? Security must protect the organization from damage by preventing out- sider intrusion and limiting access to sensitive data by insiders. Founda- tion Management is a key element in this strategy: used to prevent in- siders (including outsiders if they get past perimeter defenses) from: Gaining access to, altering or destroying sensitive data Disruption from improper configuration of components or systems Wreaking havoc through insertion of destructive code or programs The component layer of IT architecture is the most unsecured and vul- nerable part of IT infrastructure. Privileged insiders routinely access the component layer to configure, repair, and maintain the component and systems layer of the architecture. These privileged insiders are ―trusted‖ IT experts (internal IT staff, con- tractors and vendor service technicians) who have access to IT infra- structure at its very foundation through privileged component interfaces that include physical (baseboard manage- ment controllers, privileged serial ports) interfaces and software (consoles) to operating systems, virtual machines, etc. Foundation Management addresses the security gap at the component layer where privileged interfaces are at best managed through manual controls and are - at worst - ―secured‖ by ―trusting‖ the IT experts (internal IT staff, contrac- tors and vendor service technicians) who use them. Foundation Management starts here—where IT infrastructure is most vulnerable to theft, revenge, innocent error and even terrorism. This is the Insider Threat. Foundation Management augments existing security practices by cap- turing security-related events from security devices as well—such as firewalls, intrusion-detection and authentication systems. By monitoring and managing security ―gate keepers,‖ Foundation Management further increases the ability of the organization to secure its IT infrastructure, prevent undesirable actions, detect security threats and capture security -related records.
FOUNDATION MANAGEMENT FOR SECURITY How is Foundation Management Security Different? By starting with the component layer of IT infrastructure, Foundation Man- agement secures IT infrastructure at the very foundation of the infrastruc- ture by establishing connection and control over privileged component in- terfaces that are used to configure, repair, and maintain the systems layer of the architecture regardless of the operation mode of the component. This means that even while systems and components are ―off the corpo- rate network‖ the security model is still in place. The Security Model re- mains in place in all “operating modes,” even when programs, the operating system, and corporate net- work access is not available. This security approach manages Insiders that are supposed to be there (staff, contractors, service techs) and Insiders who CAME FROM the out- side by breaking through security. This approach also includes ―friendly outsiders‖ who work with our part- ners, people who can ―ride in‖ on a designed network connection and gain access to privileged interfaces. Unsecured privileged interfaces are the most vulnerable security point in our organizations today, but with Foundation Management that vulnerabil- ity is finally secured.
FOUNDATION MANAGEMENT FOR SECURITY How do I Act on This? The Defense Foundation from TDi Technologies® delivers Foundation Management Security, directly addressing the challenge of the Insider Threat. Part of the Foundation Management Product Series, the Defense Foun- dation secures privileged interfaces – placing them under secure, role- based systems management and authentication and provides forensic recording of every action taken over a privileged interface, recording this information down to the keystroke for each action. The next step is to talk with us, so that we can get to know your situa- tion and help you determine the best steps to take in order to leverage the capabilities of the Defense Foundation for your organization. CONTACT: Contact form: www.TDiTechnologies.com/contact Toll Free: 800.695.1258 International: (+01) 972.881.1553 Email: sales@TDiTechnologies.com You can also read more on Foundation Management and TDi Tech- nologies® on the web at www.TDiTechnologies.com and review addi- tional information on the Defense Foundation on the web at www.TDiTechnologies.com/DefenseFoundation. TDi Technologies® Defense Foundation TDi Foundation Product Series

Recommended

Geography and economics
Geography and economicsGeography and economics
Geography and economics
ham97
 
Factors And Multiples
Factors And MultiplesFactors And Multiples
Factors And Multiples
mmeddin
 
PORTFOLIO
PORTFOLIOPORTFOLIO
PORTFOLIO
Pablo Calderón Salazar
 
Diete e Social Network: analisi delle conversazioni on line
Diete e Social Network: analisi delle conversazioni on lineDiete e Social Network: analisi delle conversazioni on line
Diete e Social Network: analisi delle conversazioni on line
Reputation Manager
 
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
guest67eb5d9
 
OKDG - The Warm Up Meeting
OKDG - The Warm Up MeetingOKDG - The Warm Up Meeting
OKDG - The Warm Up Meeting
OKDG - Okanagan Developer Group
 
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Andrey Zelenin
 
IOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
IOTW: Overseas Undergraduate Studies, by Syahidah SahromIOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
IOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
MENDAKI Club
 

Recommended

Geography and economics
Geography and economicsGeography and economics
Geography and economics
ham97
 
Factors And Multiples
Factors And MultiplesFactors And Multiples
Factors And Multiples
mmeddin
 
PORTFOLIO
PORTFOLIOPORTFOLIO
PORTFOLIO
Pablo Calderón Salazar
 
Diete e Social Network: analisi delle conversazioni on line
Diete e Social Network: analisi delle conversazioni on lineDiete e Social Network: analisi delle conversazioni on line
Diete e Social Network: analisi delle conversazioni on line
Reputation Manager
 
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
Verkorte Titelpresentatie Margriet Nieuwe Stijl 2009
guest67eb5d9
 
OKDG - The Warm Up Meeting
OKDG - The Warm Up MeetingOKDG - The Warm Up Meeting
OKDG - The Warm Up Meeting
OKDG - Okanagan Developer Group
 
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Enforcement of foreign judgments in Russia - Chapter in Getting the Deal Trou...
Andrey Zelenin
 
IOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
IOTW: Overseas Undergraduate Studies, by Syahidah SahromIOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
IOTW: Overseas Undergraduate Studies, by Syahidah Sahrom
MENDAKI Club
 
Enhance your Maven plugins with Groovy
Enhance your Maven plugins with GroovyEnhance your Maven plugins with Groovy
Enhance your Maven plugins with Groovy
Harald Soevik
 
Impact of the new deal.pptb
Impact of the new deal.pptbImpact of the new deal.pptb
Impact of the new deal.pptb
ham97
 
Exploration of the new world
Exploration of the new worldExploration of the new world
Exploration of the new world
ham97
 
Apostolate Of Married People
Apostolate Of Married PeopleApostolate Of Married People
Apostolate Of Married People
John Gonzalez
 
Corporate lessons
Corporate lessonsCorporate lessons
Corporate lessons
Deepty Chauhan
 
The war at home b
The war at home bThe war at home b
The war at home b
ham97
 
Etech2
Etech2Etech2
Etech2
ham97
 
Geography and economics
Geography and economicsGeography and economics
Geography and economics
ham97
 
Social Banking ed Executive Reputation: la reputazione on line di banche e to...
Social Banking ed Executive Reputation: la reputazione on line di banche e to...Social Banking ed Executive Reputation: la reputazione on line di banche e to...
Social Banking ed Executive Reputation: la reputazione on line di banche e to...
Reputation Manager
 
Social lions190213
Social lions190213Social lions190213
Social lions190213
GIROIDEA Avanguardia Comunicativa
 
The atomic bomb ends the war
The atomic bomb ends the warThe atomic bomb ends the war
The atomic bomb ends the war
ham97
 
Costruire la reputazione tra università e impresa
Costruire la reputazione tra università e impresaCostruire la reputazione tra università e impresa
Costruire la reputazione tra università e impresa
Reputation Manager
 
iCAMS-AFS
iCAMS-AFSiCAMS-AFS
iCAMS-AFS
mrdibyendu
 
Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)
Harald Soevik
 
Digital Design Trends
Digital Design TrendsDigital Design Trends
Digital Design Trends
Louise McGregor
 
La cruz del cambio
La cruz del cambioLa cruz del cambio
La cruz del cambio
John Gonzalez
 
The cold war heats up
The cold war heats upThe cold war heats up
The cold war heats up
ham97
 
Papa Ratzinger vs Dalai Lama: la rete vi vede così
Papa Ratzinger vs Dalai Lama: la rete vi vede cosìPapa Ratzinger vs Dalai Lama: la rete vi vede così
Papa Ratzinger vs Dalai Lama: la rete vi vede così
Reputation Manager
 

More Related Content

Viewers also liked

Enhance your Maven plugins with Groovy
Enhance your Maven plugins with GroovyEnhance your Maven plugins with Groovy
Enhance your Maven plugins with Groovy
Harald Soevik
 
Impact of the new deal.pptb
Impact of the new deal.pptbImpact of the new deal.pptb
Impact of the new deal.pptb
ham97
 
Exploration of the new world
Exploration of the new worldExploration of the new world
Exploration of the new world
ham97
 
The war at home b
The war at home bThe war at home b
The war at home b
ham97
 
Etech2
Etech2Etech2
Etech2
ham97
 
Geography and economics
Geography and economicsGeography and economics
Geography and economics
ham97
 
The atomic bomb ends the war
The atomic bomb ends the warThe atomic bomb ends the war
The atomic bomb ends the war
ham97
 
Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)
Harald Soevik
 
The cold war heats up
The cold war heats upThe cold war heats up
The cold war heats up
ham97
 

Viewers also liked (18)

Enhance your Maven plugins with Groovy
Enhance your Maven plugins with GroovyEnhance your Maven plugins with Groovy
Enhance your Maven plugins with Groovy
 
Impact of the new deal.pptb
Impact of the new deal.pptbImpact of the new deal.pptb
Impact of the new deal.pptb
 
Exploration of the new world
Exploration of the new worldExploration of the new world
Exploration of the new world
 
Apostolate Of Married People
Apostolate Of Married PeopleApostolate Of Married People
Apostolate Of Married People
 
Corporate lessons
Corporate lessonsCorporate lessons
Corporate lessons
 
The war at home b
The war at home bThe war at home b
The war at home b
 
Etech2
Etech2Etech2
Etech2
 
Geography and economics
Geography and economicsGeography and economics
Geography and economics
 
Social Banking ed Executive Reputation: la reputazione on line di banche e to...
Social Banking ed Executive Reputation: la reputazione on line di banche e to...Social Banking ed Executive Reputation: la reputazione on line di banche e to...
Social Banking ed Executive Reputation: la reputazione on line di banche e to...
 
Social lions190213
Social lions190213Social lions190213
Social lions190213
 
The atomic bomb ends the war
The atomic bomb ends the warThe atomic bomb ends the war
The atomic bomb ends the war
 
Costruire la reputazione tra università e impresa
Costruire la reputazione tra università e impresaCostruire la reputazione tra università e impresa
Costruire la reputazione tra università e impresa
 
iCAMS-AFS
iCAMS-AFSiCAMS-AFS
iCAMS-AFS
 
Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)Modularization, testing and technical debt (in a large agile project)
Modularization, testing and technical debt (in a large agile project)
 
Digital Design Trends
Digital Design TrendsDigital Design Trends
Digital Design Trends
 
La cruz del cambio
La cruz del cambioLa cruz del cambio
La cruz del cambio
 
The cold war heats up
The cold war heats upThe cold war heats up
The cold war heats up
 
Papa Ratzinger vs Dalai Lama: la rete vi vede così
Papa Ratzinger vs Dalai Lama: la rete vi vede cosìPapa Ratzinger vs Dalai Lama: la rete vi vede così
Papa Ratzinger vs Dalai Lama: la rete vi vede così
 

Defense Foundation Technology Business Brief

  • 1. FOUNDATION MANAGEMENT FOR SECURITY What is Foundation Management Security? Foundation Management addresses security at all levels of IT infrastructure in a bottom-up approach that encompasses all possible modes of opera- tion. This is a distinct departure from traditional security practices that are built from a top-down perspective with the assumption that security only applies to the IT infrastructure when that infrastructure is available on the normal network. Foundation Manage- ment builds from the Bottom-up of IT archi- tecture, starting with the high authority, privileged interfaces in the Component layer of IT. Yet the nature of IT infrastructure presents a challenge to the top-down se- curity model. For example, a security breach at the systems layer automati- cally compromises the applications layer—and a security breach at the component layer automatically compromises both the systems and applica- tions layers. Foundation Management addresses this security dependency in the IT in- frastructure-and its inverted pyramid relationship-thereby addressing a number of security considerations that have been left out of enterprise se- curity models and strategy to date.
  • 2. FOUNDATION MANAGEMENT FOR SECURITY What Problems does it Solve? Security must protect the organization from damage by preventing out- sider intrusion and limiting access to sensitive data by insiders. Founda- tion Management is a key element in this strategy: used to prevent in- siders (including outsiders if they get past perimeter defenses) from: Gaining access to, altering or destroying sensitive data Disruption from improper configuration of components or systems Wreaking havoc through insertion of destructive code or programs The component layer of IT architecture is the most unsecured and vul- nerable part of IT infrastructure. Privileged insiders routinely access the component layer to configure, repair, and maintain the component and systems layer of the architecture. These privileged insiders are ―trusted‖ IT experts (internal IT staff, con- tractors and vendor service technicians) who have access to IT infra- structure at its very foundation through privileged component interfaces that include physical (baseboard manage- ment controllers, privileged serial ports) interfaces and software (consoles) to operating systems, virtual machines, etc. Foundation Management addresses the security gap at the component layer where privileged interfaces are at best managed through manual controls and are - at worst - ―secured‖ by ―trusting‖ the IT experts (internal IT staff, contrac- tors and vendor service technicians) who use them. Foundation Management starts here—where IT infrastructure is most vulnerable to theft, revenge, innocent error and even terrorism. This is the Insider Threat. Foundation Management augments existing security practices by cap- turing security-related events from security devices as well—such as firewalls, intrusion-detection and authentication systems. By monitoring and managing security ―gate keepers,‖ Foundation Management further increases the ability of the organization to secure its IT infrastructure, prevent undesirable actions, detect security threats and capture security -related records.
  • 3. FOUNDATION MANAGEMENT FOR SECURITY How is Foundation Management Security Different? By starting with the component layer of IT infrastructure, Foundation Man- agement secures IT infrastructure at the very foundation of the infrastruc- ture by establishing connection and control over privileged component in- terfaces that are used to configure, repair, and maintain the systems layer of the architecture regardless of the operation mode of the component. This means that even while systems and components are ―off the corpo- rate network‖ the security model is still in place. The Security Model re- mains in place in all “operating modes,” even when programs, the operating system, and corporate net- work access is not available. This security approach manages Insiders that are supposed to be there (staff, contractors, service techs) and Insiders who CAME FROM the out- side by breaking through security. This approach also includes ―friendly outsiders‖ who work with our part- ners, people who can ―ride in‖ on a designed network connection and gain access to privileged interfaces. Unsecured privileged interfaces are the most vulnerable security point in our organizations today, but with Foundation Management that vulnerabil- ity is finally secured.
  • 4. FOUNDATION MANAGEMENT FOR SECURITY How do I Act on This? The Defense Foundation from TDi Technologies® delivers Foundation Management Security, directly addressing the challenge of the Insider Threat. Part of the Foundation Management Product Series, the Defense Foun- dation secures privileged interfaces – placing them under secure, role- based systems management and authentication and provides forensic recording of every action taken over a privileged interface, recording this information down to the keystroke for each action. The next step is to talk with us, so that we can get to know your situa- tion and help you determine the best steps to take in order to leverage the capabilities of the Defense Foundation for your organization. CONTACT: Contact form: www.TDiTechnologies.com/contact Toll Free: 800.695.1258 International: (+01) 972.881.1553 Email: sales@TDiTechnologies.com You can also read more on Foundation Management and TDi Tech- nologies® on the web at www.TDiTechnologies.com and review addi- tional information on the Defense Foundation on the web at www.TDiTechnologies.com/DefenseFoundation. TDi Technologies® Defense Foundation TDi Foundation Product Series