Thursday, March 28, 2013

Requirements Driven – Mandatory Solutions

Common Required Solutions
[Update: Added source mapping and original spreadsheet]

Click on the worksheet below to view a compiled checklist of mandatory security solutions, an ecosystem if you will, that supplement and enable the comprehensive technical control set required by common regulations and standards.

Requirements Mapping
Very importantly, this is 100% requirements driven and not intended to be a comprehensive approach to protecting your data. However, this solution set is a great start. The authority documents from which this solution set is derived are written with the objective of protecting data relative to their domain. That doesn't mean the objective has been successfully met. Your particular use case may fall outside of the normative expectations for which the authority documents were written. Your particular operational mission and/or risk profile may drive additional technology solutions. For example, additional monitoring tools, network management,  e-discovery, network forensics, etc.

Solution Set Requirements Map 
(Click image below to see full-size) (PDF Version)
Common Required Technical Security Solutions