• <Intel.co.jp のその他の情報

情報セキュリティーの再構築によるビジネスの機敏性の向上

申し訳ありませんが、この PDF はダウンロード形式でのみご提供しています。

Rethinking Information Security to Improve Business Agility

To enable rapid adoption of new technologies and usage models—and provide protection in an evolving threat landscape—Intel IT has embarked on a radical five-year redesign of Intel’s information security architecture.

We believe this architecture, designed to support key initiatives such as IT consumerization and cloud computing, represents a novel approach to enterprise security. It provides more flexible, dynamic, and granular security controls than traditional enterprise security models. For example, the architecture is designed to dynamically adjust a user’s access privileges as the level of risk changes, depending on factors such as location and the type of device used—such as a trusted mobile business PC or an untrusted personal smartphone. The architecture also focuses heavily on survivability, based on the assumption that compromise is inevitable. The new architecture is based on four pillars:
• Trust calculation. This calculation dynamically determines whether a user should be granted access to specific resources and the type of access that will be provided. It is based on factors such as the user’s client device and location, the type of resources requested, and the security controls that are available.
• Security zones. Our environment is divided into zones, ranging from trusted zones containing critical data, with tightly controlled access, to untrusted zones containing less-valuable data and allowing broader access. Communication between zones is controlled and monitored; if one zone is compromised, this prevents the problem from spreading to other zones.
• Balanced controls. To increase flexibility and the ability to recover from a successful attack, the model emphasizes the need for a balance of detective and corrective controls in addition to preventative controls such as firewalls.
• User and data perimeters. Recognizing that protecting the enterprise network boundary is no longer adequate, we need to treat users and data as additional security perimeters and protect them accordingly.

Read the full Rethinking Information Security to Improve Business Agility White Paper.