Threat Management
Threat management requires pro-active inspection and maintenance, monitoring and perimeter security. This means a regular patching strategy, scanning using vulnerability assessment tools and using security devices such as WAF and API gateway devices to filter threats. Microsoft Azure and CloudFlare provide capabilities for public cloud applications. Traffic analysis tools can be used to identify and alert on weak points in perimeter cloud infrastructure.
​
Periodic vulnerability compliance review processes should also be undertaken to identify and remediate serious threats to software and operating environments in a timely fashion. Security analysis tools such as ConnectSecure and Nessus can be used to automate vulnerability detection and vendor security patching schedules analysed to identify CVE threats.
​While patching, assessment and monitoring are essential for good security, when they are done correctly they can be significant operational overheads. Any reduction in effort that can be safely leveraged by design through use of cloud technology, infrastructure consolidation or automation should be used.
Identity and Access Management
Identity and Access Management (IAM) products provide provide single-sign-on (SSO) capabilities, access control and workflow-based user provisioning. IAM products also provide features for federation arrangements, token based authentication, mobile device authentication and secure integration. It is important to have a sound IAM strategy with hybrid-cloud and multi-cloud environments as well as compliance requirements such as GDPR requiring better security for customer data. Business benefits are also derived from centralised authentication and provisioning, access control and better monitoring through auditing capabilities.
Secure credential management systems (password and passkey) such as Keeper and are also important considerations where SSO cannot be utilised.
Encryption
Encrypting perimeter communications such as customer web or B2B interactions has been a longstanding requirement. Now more pervasive use of encryption in mesh networks, between service tiers and components is becoming the norm. Encryption is only part of the picture and should also be implemented in a secure environment to be effective where architectural issues such as network separation, perimeter security and threat detection are also addressed. Effective use of encryption extends to many other areas including virtual private networks (VPN), secure messaging, secure document storage, document signing and secure mesh networking for remote system access such as Tailscale and NordVPN.