by Dan Sullivan

This chapter will describe these requirements in a slightly different structure, organized more around clusters of requirements that would be addressed by different groups within an IT department, for example, developers and systems administrators. These are not hard and fast divisions. Some of the requirements necessitate collaboration between developers, systems administrators, application architects, and application managers. Keeping in mind the need for multiple skill sets, we will discuss the requirements organized around…

by Darren Mar-Elia

This chapter provides a practical guide to protecting your AD-based identity data. It is not part of the life cycle I spoke about in earlier chapters, but it is an important part of ensuring that any identity system you implement that leverages AD is protected such that it is able to do its job of authenticating and authorizing the right people to the right resources. All the great identity provisioning processes in the world won’t help you if your AD is a free-for-all that anyone can fiddle with to their heart’s content. This chapter will dive into the AD security model and provide techniques and best practices for securing the data that resides in AD.

by Dan Sullivan

SSL certificates are an important element of the security infrastructure that protects systems and communications. In that role, they also enable customers to trust businesses that customers might otherwise be unfamiliar with. What is it about SSL certificates that enable these properties? To answer this question, we must understand the components of an SSL certificate and how they are used for authentication and encryption. We also need to understand different uses of SSL certificates and how they enable the formation of trust. This chapter is organized into five sections that will address these issues

by Dan Sullivan

The Payment Card Industry Data Security Standard (PCI DSS) is an industry regulation designed to mitigate risks to the integrity and confidentiality of payment card data. The PCI DSS includes a number of requirements designed to improve the security of information systems storing and processing payment card data. Businesses that must comply with the PCI DSS are required to have periodic assessments performed by external examiners or, in some cases, through self-assessment.

by Don Jones

IT management has for too long involved discrete, disconnected processes that often leave key participants wondering what’s going on. Bringing everyone—users, managers, IT professionals, and more—into the loop can create significant benefits as well as reduce the tendency to fall back into discipline-based silos. This is where the integration between monitoring and service desk truly happens, and these concepts deliver the most critical, central themes discussed throughout this book. It’s all about communication—ways to better achieve communication as well as create opportunities for continuous improvement.

by Darren Mar-Elia

Managing identity is ultimately about managing access to your corporate resources. Users authenticate to resources with their identity, then use the properties of that identity (for example, group membership) to get authorized to resources. In a typical midsize-to-large organization, you might find the following sources of identity…

by Dan Sullivan

Databases are repositories for a wide variety of enterprise information. Much of that information is confidential and in some cases subject to regulations governing how securely it should be stored and transmitted. SQL Server is Microsoft’s relational database, and like many other enterprise applications from that vendor, it supports the use of SSL certificates to improve the security of communications between the database server and client devices. Again, we assume you have purchased or generated an SSL certificate for use with your SQL Server database.

by Dan Sullivan

SharePoint Server2010 has a multi-step installation process supported by the installation wizard. Once SharePoint is installed, though, additional steps are required to install an SSL certificate.

by Dan Sullivan

SharePoint server is a collaboration portal. Documents, calendars, images, and other potentially confidential and private documents are stored and exchanged in this application. Secure communications are important here just as they are in Microsoft Exchange.

by Dan Sullivan

Enterprise Microsoft Exchange deployments can require a somewhat complex architecture. The reason is that Microsoft Exchange has been designed to maintain adequate performance levels while scaling to a large user base. The common way to deal with the need for scalability (as well as reliability) is to distribute the workload over multiple servers.