Conferences & Events
Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Enterprise Security Architecture
Saturday, January 1, 2005
Late in 2003 a group of NAC members began meeting the challenge of describing a common framework that would speed the process of developing enterprise security architectures for this complex environment and create the governance foundation for sustaining it into the future. How does one simplify the process of governing security by exclusion (keeping the bad guys out) and security by inclusion (allowing, and encouraging legitimate users to come in)? NAC's premise is that policy-driven security architecture is essential in order to simplify management of this increasingly complex environment. As the Corporate Governance Task Force Report states, "The road to information security goes through corporate governance." At the heart of governance are policy definition, implementation, and enforcement. To simplify security management, there must be a direct linkage between governance and the security architecture itselfâ€”in other words, policy-driven security architecture.