The purpose of an information security architecture in today's organizations, is to bring focus to the key areas of concern for the enterprise, highlighting decision criteria and context for each domain. Since security is a system property it can be difficult for Enterprise Security groups to separate the disparate concerns that exist at different system layers and to understand their role in the system as a whole. With this said, each organization needs to develop an Information Security Architecture Blueprint. The blueprint will provide the organization a framework for understanding disparate design and process considerations; to organize architecture and actions toward improving enterprise security.
Security services provide confidentiality, integrity, and availability services for the organizations information platforms. Security services are implemented as protection services, such as authentication and authorization, detection services, such as monitoring and auditing, and response services, such as incident response and forensics. These services serve as the goals and objectives for the organizations information security program for many years, but they do not provide an actionable blueprint as such. MBM Consulting can assist organizations in mapping the above listed security services into an overall enterprise security architecture blueprint.