In this video you will learn about enterprise environment security concepts such as: geographical considerations, response & recovery controls, Secure Sockets Layer/Transport Layer Security inspections, hashing, and API considerations.
Geographical Considerations
Geographical considerations are considerations that affect the laws & regulations that have been created to address data privacy & digital rights management (DRM).[1]
Response & Recovery Controls
Response & recovery controls are plans that you must have in place in the unfortunate event of a data breach, including the assembly of a team of experts within an organization, as well as legal counsel.[1] Part of response & recovery controls is using a data forensics team to help determine the source and scope of the breach, in addition to collecting and analyzing evidence to outline remediation steps.[1]
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection
Secure Sockets Layer Inspection is the older version of what is now known as Transport Layer Security Inspection (TLSI). TLSI is a security process that allows organizations to decrypt traffic, inspect the decrypted content for threats, & then re-encrypt the traffic before it enters or leaves the network.[1] In layman’s terms, you can think of TLSI as Transportation Security Administration workers inspecting the contents of your luggage before you board a plane.
Hashing
Hashing is an algorithm performed on data such as a file or message to produce a number called a hash (sometimes called a checksum). The hash is used to verify that data is not modified, tampered with, or corrupted. In other words, hashing allows for you to verify that the data has maintained its integrity.[6] Hashing is used in digital signatures, file & message authentication, and as a way to protect the integrity of sensitive data such as data being entered into databases or perhaps entire hard drives.[1]
API Considerations
An API is a connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software.[7] In contrast to a user interface, which connects a computer to a person, an API connects computers or pieces of software to each other. It is not intended to be used directly by a person (the end user) other than a computer programmer who is incorporating it into software. Here are some considerations concerning APIs:[1]
References