Too many people isolate security into its own stack without understanding that security is a part of everything. In fact, even security people tend to forget that there are technologies, not security focused, that they can leverage if they don’t have the capital budget to put something into place. So, with that in mind, here are 6 non-security technologies that every security person should be using, even though they aren’t security specific.
Logs are as important to security as they are to application development, infrastructure management, and operations. Without logs, you don’t have the ability to actually understand what is going on in your environment from a security perspective. Though not specific to security, logs can have a definite security bent.
One of the issues that security operations always has is communicating to the executive suite what the status of a company’s security posture is. Dashboards are an important component of this communication and, if created properly, can communicate the proper information to the appropriate level of management. Remember, the executive suite doesn’t need the same level of detail that an Infrastructure Manager does. So leveraging dashboard technology definitely helps with security.
Managed File Transfer (MFT)
Remember, communication is the most important thing that a company can do with its external partners. So there needs to be a way of sending and receiving information with your partners, but in a secure manner. Normally, we would think about some sort of Federation solution but, at the end of the day, the data itself has to be transferred. So making sure the data is transferred in a secure manner is important, and MFT is a big part of that. You are able to tie in authentication/authorization activities and file scanning with large file transfers. This makes MFT an important component in security’s arsenal.
In the end, you can only secure things that you know about. So it’s VERY important to ensure that you have an up-to-date inventory control system that you can reach into and use for triggering things like periodic vulnerability scans and proper patch management practices. Audits are dependent on it as well. So make sure that you have a close tie to whatever inventory control system you have.
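As an added illustration (not from the original post), here is one way to use an inventory export to drive scan scheduling: join it against the scanner's last-scan report to list assets that are overdue and hosts the inventory does not know about. The CSV columns, hostnames, and the weekly/monthly scan policy are assumptions made for the example.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample data: an inventory export and a scanner's last-scan report.
INVENTORY_CSV = """hostname,owner,internet_facing
web01,ecommerce,yes
db01,ecommerce,no
hr-app,hr,no
vpn01,network,yes
"""
LAST_SCAN_CSV = """hostname,last_scan
web01,2024-05-30
db01,2024-03-01
vpn01,2024-05-10
test-box,2024-05-28
"""

# Assumed policy: internet-facing assets weekly, everything else monthly.
MAX_AGE = {"yes": timedelta(days=7), "no": timedelta(days=30)}


def load(text, key="hostname"):
    """Index CSV rows by hostname (lower-cased so the two sources join cleanly)."""
    return {row[key].strip().lower(): row for row in csv.DictReader(io.StringIO(text))}


def reconcile(inventory_csv, scans_csv, today):
    """Return (assets due for a scan, hosts scanned but missing from inventory)."""
    inventory, scans = load(inventory_csv), load(scans_csv)
    due = []
    for host, asset in inventory.items():
        scan = scans.get(host)
        if scan is None:
            due.append((host, asset["owner"], "never scanned"))
            continue
        age = today - date.fromisoformat(scan["last_scan"])
        if age > MAX_AGE[asset["internet_facing"]]:
            due.append((host, asset["owner"], f"last scan {age.days} days ago"))
    # Hosts the scanner has seen but the inventory does not know about.
    unknown = sorted(set(scans) - set(inventory))
    return due, unknown


if __name__ == "__main__":
    due, unknown = reconcile(INVENTORY_CSV, LAST_SCAN_CSV, date(2024, 6, 1))
    for host, owner, reason in due:
        print(f"scan due: {host} (owner {owner}): {reason}")
    for host in unknown:
        print(f"not in inventory: {host}")
```

The second list matters as much as the first: a host that shows up in scan results but not in the inventory is exactly the kind of thing you cannot secure because you did not know about it.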
Speaking of patch management, I don’t think there’s much that is more important than Patch Management to security (except maybe Active Directory). Application and infrastructure companies are always coming up with new patches that contain security updates, and proper patch management to get those “security” patches into your infrastructure is key to security. It doesn’t matter if a Firewall is in place if an externally facing device has a security vulnerability exposed. So security needs to be tied into Patch Management as if it were its own process.
And, finally, we come to Active Directory. Some could say that AD is a security solution while others would view it as a server that has consolidated management capability. It’s used for managing all your Windows-based infrastructure as well as authentication/authorization into other devices (hence the dichotomy as to whether it’s a security technology or not). Group Policies (GPO), which are controlled by Active Directory, can likewise be viewed as security or as Windows management. At the end of the day, if Security isn’t very closely tied to AD, then they are missing something.
Anyway, I could probably talk about a bunch of other technologies like backup and restore solutions, the Enterprise Service Bus (ESB), and monitoring tools, but you can probably tell that as long as security is a part of every aspect of IT, it can also make use of every IT toolset. So look at all the opportunities you have to leverage existing tools, regardless of whether they are security tools or not, before you cry that you haven’t been given the budget to do something.
You just might have the tools at your disposal already.
Hope that helps …