Security is easy...
... just don't give any access to users!
Traditional approaches to information security are incapable of dealing with today's threats. Just as the attackers have evolved, so the security industry needs to adopt new architectural models and techniques to deliver appropriate protection without imposing unnecessary costs. In a nutshell this is the thesis of our latest …
e. Physically separate (no copper, no fiber, no wireless, no exception) your critical assets from the Internet
f. Give preference to spending on hiring competent people instead of buying the latest bells and whistles technology that vendors might shove at you
g. Stop outsourcing human thinking to software. Computers are supposed to work for us not to think for us.
I don't necessarily agree with the idea of off-loading everything to the cloud. Besides, wasn't relying on the cloud part of HB Gary's downfall? (Among a myriad other things, yes, I know)
http://www.csoonline.com/article/677792/hbgary-s-hoglund-anonymous-not-at-all-what-people-think-they-are-
I like the whitepaper's take on breaking down the aspects of security into more practical bites. I wouldn't recommend sharing this paper with our clients; this is a very security professional audience focus. I would recommend keeping things simple; there is a benefit to maintaining Confidentiality, Integrity, and Availability as a selling tool to interested parties when talking about security practices.
kamransecurity.blogspot.com
"...Just as the attackers have evolved, so the security industry needs to adopt new architectural models and techniques to deliver appropriate protection without imposing unnecessary costs. ...."
I don't think we need a NEW architectural model - with today's frameworks it is possible to construct an architectural model for an enterprise that does take into account the realities of data replication.
What we do need is more diligent application of architectural approaches.