Comprehensive Security in 3 Steps
More and more organizations are moving away from a traditional definition of security to a modern one, because employees are working from home and may use their own devices, or because of hybrid cloud/on-prem IT infrastructure. The following blog post is merely an idea to reflect how I would approach this topic for a comprehensive design.
As far as I'm concerned, there are three major steps to be considered:
1.) The initial step is the definition of "Areas of Interest". Before we can talk about tools and services to be used, it's crucial to know which resources we are talking about. There are two reasons for this step: there is a different set of tools for each area, and there are multiple teams involved.
2.) Once there is a well-defined separation of "Areas of Interest" in place, it's way easier to pick out the metrics/logs to be collected and monitored.
3.) Maybe the most significant part of a security concept is the definition and creation of procedures for the worst-case scenario.