Security Architect and Cloud Security Management

SELECTED PROJECTS

 SECURITY ARCHITECT & CLOUD SECURITY

Client

Trusted Client


Categories

Security Architect, IT Services


Completed

March 31, 2014


Project Budget

$55,000


Project length

2 months (phase 1 & 2)

Project Details

BACKGROUND


Responsible Security Architect and Project Manager overseeing the solution design and implementation plan for enabling service capabilities of configuration items of Secure Sensitive Data (SDD*) for a global client. Project was divided into an initial phase 1 for design and a solution, followed by a phase 2 for Proof of Concept (PoC). Post handover, phase 3 for created for test and roll-out and, a phase 4 was created to manage the full implementation and configuration of information systems and network.  


(*Secure Sensitive Data (SSD) protects sensitive information such as passwords. It allows or denies users access to sensitive data, and prevents configuration files from being corrupted by malicious users. SSD utilizes passphrases to secure data. Passphrases are similar to a password that is stored in the switch and used as an encryption key. Devices that do not know the passphrase will not be able to unencrypt data that uses the passphrase.) 


Security Architect &

Cloud Security Mgmt

Do you need similar expert help?


Contact Fogel Consulting through the contact form to receive further information and possibility to present your own case and business needs.

CHALLENGE

This organizations business was a developer or manufacturing products in the steel industry and their core business was as supplyer. The organiztion is truly global and operates in more then several countries world wide with many data centres and over thousands active users. The organization was at the time tranforming their IT- and informationsystem into the cloud.


The main challenge was to enable stronger protection for the organisations citical asset (also referred to as "The Crown Juwels"). The organization needed, in order to manage their daily operations, a new solution to manages accesses for internal stakeholders and also 3’rd party vendor and sub-contractors to their corporate internal business systems such as development, test and production. The project worked close to the organizations Cloud provider.  

SOLUTION


In order to identify what systems and data should be included in the new solution, and inventory and assessment was initiated. Assessment results was then analyzed to verify actual system that needed to be included and documented as in scope for the project.


Phase 1:

    - Project Definition Report stating requirement known, resources, tasks, project scope, organization, plan and cost. - Architectural design for creating a Solution Design Definition (SDD) and Reference Architecture for Secure Sensitive Data (SSD), network and Firewalls part of SSD.


Phase 2: 

- Proof of concept, including physically tests of functions specified in phase 1.


Phase 3: 

- User testing, creating of work products, documentation and training/education of BAU “Business As Usual” personal and, preparation for rollout of Secure Sensitive Data (SDD).


Phase 4:                                                                                - Global availability including availability in service catalogue and, handover to BAU.

RESULT


All results from the different phases included:


  •  Phase 1: 
    • Defined and agreed project scope signed off by business system owner and Chief Architect. 
    • Solution Design Document (SDD) for Global transmission and accessability to Secure Sensitive Data (SSD). 
    • System and data cloud architecture overview.


  • Phase 2: 
    • Project initiation and launch of Proof Of Concept (POC) including launch, test and verification of targeted systems and data storage of Secure Sensitive Data (SSD).


  • Phase 3: 
    • Result of continued testing of larger group os users from several Global locations of the organization.
    • Roll-out Plan for Global configuration of the new Secure Sensitive Data (SSD) system.


  • Phase 4: 
    • Completion of implementation verified.
    • Configuration catalogue for Secure Sensitive Data (SSD).
    • Handover and acceptans by he steady state operation team.