Towards an Enterprise Security Architecture for Broadband Network Providers
Security solutions are increasingly becoming a vital component of telecommunications and internetworking systems for all organizations. There are increased vulnerabilities due to online access that allow malicious intervention to IT and network systems from remote locations. Traditionally, the thought of insider attack has been viewed as the key risk affecting businesses, however the threat of cyber attacks upon the communications network has become a primary source of concern. A key challenge facing communication network providers is how to effectively manage and secure the enterprise Information and Communications Technologies (ICT). There are many prevailing standards and emerging products now available. However, the integration and cohesive design of these security solutions is becoming an obstacle to the effective deployment of security solutions. In this paper we propose a security enterprise architecture for communication network providers. The security architecture is based upon our experience in deploying enterprise architectures and security solutions world wide, whilst drawing upon key standards such as SABSA and TOGAF. The security architecture may be used as a blueprint and framework for network providers to ensure coverage in security, reduce risk of malicious threats, and for mitigating delivery risk due to integration and deployment challenges. The framework is also applicable to the broader industry seeking to develop their enterprise security architectures.
