SECURITY ARCHITECT & CLOUD SECURITY
Security Architect, IT Services
March 31, 2014
2 months (phase 1 & 2)
Responsible Security Architect and Project Manager overseeing the solution design and implementation plan for enabling service capabilities of configuration items of Secure Sensitive Data (SSD*) for a global client. The project was divided into an initial phase 1 for design and a solution, followed by a phase 2 for Proof of Concept (PoC). Post handover, a phase 3 was created for test and roll-out, and a phase 4 was created to manage the full implementation and configuration of information systems and network.
(*Secure Sensitive Data (SSD) protects sensitive information such as passwords. It allows or denies users access to sensitive data, and prevents configuration files from being corrupted by malicious users. SSD uses passphrases to secure data. A passphrase is similar to a password; it is stored in the switch and used as an encryption key. Devices that do not know the passphrase will not be able to decrypt data that uses the passphrase.)
Cloud Security Mgmt
The organization was a developer of manufacturing products in the steel industry, and its core business was as a supplier. The organization is truly global and operates in more than several countries worldwide, with many data centres and thousands of active users. At the time, the organization was transforming its IT and information systems into the cloud.
The main challenge was to enable stronger protection for the organization's critical assets (also referred to as "The Crown Jewels"). In order to manage its daily operations, the organization needed a new solution to manage access for internal stakeholders, and also for third-party vendors and sub-contractors, to its internal corporate business systems such as development, test and production. The project worked closely with the organization's cloud provider.
In order to identify which systems and data should be included in the new solution, an inventory and assessment was initiated. The assessment results were then analyzed to verify the actual systems that needed to be included and documented as in scope for the project.
- Project Definition Report stating known requirements, resources, tasks, project scope, organization, plan and cost.
- Architectural design for creating a Solution Design Definition (SDD) and Reference Architecture for Secure Sensitive Data (SSD), with the network and firewalls as part of SSD.
- Proof of concept, including physical tests of the functions specified in phase 1.
- User testing, creation of work products, documentation and training/education of BAU ("Business As Usual") personnel, and preparation for rollout of Secure Sensitive Data (SSD).
Phase 4: - Global availability, including availability in the service catalogue, and handover to BAU.
All results from the different phases included:
IT consulting service with support for development and maintenance in the form of consulting advice with focus on IT and Information Security and Risk Management, adherence to Compliance (legal and regulatory requirements), and leading implementation of management systems for control of IT and Information Systems (ISMS/LIS).