
Why Enterprise Architects Should Care About Security

Posted May 28, 2011

Enterprise Architecture is too often associated with cost control and standardization — two topics that fail to capture the imagination.

Security, on the other hand, gets people's attention. Security is an attractive EA value proposition for several reasons:

1. Security is easier than it looks

People tend to fear security — it seems like a complex and potentially explosive responsibility.

Most EA practices don't tackle security — but usually have a plan to cover it sometime in the future (read: never). Even EA frameworks such as Federal Enterprise Architecture (FEA) and TOGAF have very weak coverage of security.

Despite its mystique — security is no more complex than other architectural considerations EAs deal with on a daily basis.

Most EAs have a cursory understanding of security and are capable of modelling security at an enterprise level. Enterprise Architects facilitate common approaches to security but do not have to be security experts themselves.

2. Security needs to be global

It is probably the most important security principle: security must be enterprise-wide. Common approaches to security are key to risk reduction and regulatory compliance.

3. Security is integral to all architectural domains

Security Architecture is something of a misnomer. Security is an integral part of business, system, data and technology architecture. It is not an independent architectural domain, so it is hard to argue that EA should exclude it.

4. Security standards

Enterprise Architecture is in a good position to identify opportunities for cross-silo security standards. EA Governance is in a good position to enforce such standards.

5. Risk is a good living

Security is one of the last areas to experience cutbacks when business goes bad. Organizations tend to value risk mitigation. With security in your mandate — the stock of the EA team will likely rise.
