Organizational Security Model
My security model is shaped like a pile of oatmeal.
An organizational security model is a framework made up of many entities, protection mechanisms, logical, administrative, and physical components, procedures, business processes, and configurations that all work together to provide a security level for an environment. Each model is different, but all models work in layers: one layer provides support for the layer above it, and protection for the layer below it. Because a security model is a framework, companies are free to plug in different types of technologies, methods, and procedures to accomplish the necessary protection level for their environment. Figure 3-4 illustrates the pieces that can ...