The Evolution of Enterprise Security Systems and Best Practices by Alibaba

1) Evolution of Enterprise Security Systems

1.1 Security Issues Faced by Enterprises

(1) Ineffective control of data breach risks
(2) Ransomware
(3) Content security violations, which seriously affect business continuity
(4) Internal staff, who constitute the greatest threat to data security
(5) Increasingly serious threats from high-risk vulnerabilities
(6) Increasingly serious threats from distributed denial of service (DDoS) attacks, which affect business continuity

1.2 Driving Forces of Enterprise Security Needs

Enterprises’ security needs are driven by regulation compliance and threat defense.

1.3 Different Security Pain Points of Different Industries and Business

Different businesses confront different difficulties. For example, Alibaba’s different businesses have different security needs and priorities, which determine the focus of their security systems. The security needs of Tmall and Taobao include privacy protection, business risk control, counterfeit product identification, intellectual property rights protection, and click farming prevention.

1.4 Different Enterprises in Different Stages of Security System Development

The maturity of security system development varies from enterprise to enterprise, and is measured by considering three aspects:

  • Security team accumulation: An enterprise’s core security capabilities rely on the size and experience of its security team.
  • Organizational architecture of the security team: A security team develops internal influence primarily based on its organizational architecture.

1.5 Profound Technological Changes in Enterprise Security Systems Caused by Digital Transformations

(1) Migration of IT Infrastructure to the Cloud

2) Security Best Practices

2.1 Enterprise Security System

In terms of technical domains, an enterprise security system includes office network security, also called internal network security. Comprehensive technologies must be developed for the infrastructure layer, from hardware to systems to networks. As shown in the following figure, security is related to every technical domain and determined by the depth of each domain. A security system is a typical example of the leaky bucket principle. The most basic security weakness of an enterprise determines its overall security level. A security system involves mechanisms, processes, organizational specifications, products, and even operations.

2.2 Eight Major Risk Domains of an Enterprise

(1) Secure O&M

3) Changes Brought About by Cloud Computing

3.1 Off-premises Security Is Better Than On-premises Security

Cloud computing will bring major changes to the evolution of security systems. Most users have already seen how the cloud has changed the technologies and systems of entire enterprises. In the future, all enterprises will focus on improving their security systems based on cloud computing and cloud native capabilities.

3.2 Cloud Empowers Enterprises to Improve Security Capabilities

As shown in the following figure, the cloud has many native advantages. For example, each enterprise needs a unified authentication and authorization system and can use virtualized network scheduling capabilities to implement omnipresent network access control and isolation measures on the cloud. All cloud products provided by Alibaba are integrated with security capabilities at the design stage, including code security. Products are launched only after passing rigorous security tests. In addition, our off-premises global data security system gives users more confidence in the security of their cloud data throughout its lifecycle. Finally, our global threat detection platform helps users better cope with threats by building a feedback loop covering detection, response, and defense.

3.3 Inclusive Security Is Provided to Cloud Users

To date, Alibaba Cloud protects more than 40% of websites in China. This requires us to possess powerful data capabilities, intelligence capabilities, and security capabilities. Alibaba provides its core capabilities and products in all security technology domains to Alibaba Cloud users to help them build safer enterprise security systems.

Original Source:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store