Solution design – security in action
Security needs to be designed, implemented, and practiced on every platform component, including the hardware, middleware, software, and containers. The following subsections will discuss the different controls that are used to manage and support access to the client’s systems, production environment, personal information, sensitive personal information, and business-sensitive information.
Change management and planning
Security should be started from the bottom layer, which is hardware. Standard policies must be defined to enforce change management and access control management to establish the proper structure for security management. Here is a list of best practices for secure operations:
- Use a set of standard information security change management policy controls to make any changes to the specification or configuration of a system’s hardware or software component. These policies define the life cycle of any...
