The primary objective in developing your enterprise security architecture is simple. It must enable your business.
All too often technologies are pieced together leaving a poorly integrated, overly complex, and costly environment to operate and maintain. Little thought is given to what the organization wants to achieve and the environmental factors that will influence those achievements.
Enterprise security architecture provides the framework within which complexity can be successfully managed, while providing an integrated systems approach to securing your organization. It looks beyond the latest technology and focuses on the business value and need so that new and legacy technologies can be leveraged to enhance business processes and maximize total cost of ownership.
38North’s approach to enterprise security architecture is based on the industry leading Sherwood Applied Business Security Architecture (SABSA) model. SABSA is a proven framework and methodology for enterprise security architecture and service management used successfully by numerous organizations worldwide. Since its inception in 1995, SABSA has evolved to be the approach of choice for commercial and government organizations. Today, it’s used to meet a wide variety of enterprise needs, including risk management, information assurance, governance and continuity management.
SABSA ensures that the your enterprise’s needs are met completely, and that security services are designed, delivered and supported as an integral part of your business and IT management infrastructure. It is comprised of six layers, with each layer representing the view of a different player in the process of specifying, designing, constructing and using the business system.