Security Architecture and Engineering | Information Technology | University of Pittsburgh
!

You are here

Security Architecture and Engineering

The primary function of security architecture is to design, document, and communicate the components of a security program in a consistent manner. As such, the primary outcome of security architecture is a well-defined strategy that connects business drivers with technical implementation guidance. Pitt IT Security can help you plan and execute effective security architecture by utilizing security and risk frameworks and by following security best practices.

Security Architecture

Strategy and Design (e.g., Cloud, Endpoint, IAM, Network)

The cybersecurity strategy is a fundamental part of the University taking a planned, proactive, and consistent approach to security. Creating a university-wide security strategy that is holistic and comprehensive involves many steps, including planning, coordination, and consulting with the university departments and schools.

Collaboration and Interface with Enterprise Architects 

Pitt IT's Enterprise Architects will work closely with you and your department to identify needs and potential solutions that make sense for your priorities and budgets.

Security Tooling

(e.g., CSPM, PAM, Proxy, SIEM, SOAR, SWG, WAF)

Depending the security assessment of a specific environment, the Pitt IT Security Architecture and Engineering team may utilize the existing security tools or recommend the procurement of new security tools and services to mitigate the identified threats.

Examples of University security tools

  • The Cloud Security Posture Management (CSPM) platform can be used to strengthen the University’s cloud security posture.
  • A Privileged Access Management (PAM) solution can be used to regulate access to specific University assets and resources.
  • A Web Application Firewall (WAF), the internet-facing web servers and services can be protected against advanced web-based attacks.
  • Integrating with the University’s security information and event management (SIEM), departments and schools can timely monitor, detect and respond to security related incidents and events that affect their assets.

Security tool implementation steps

  • Implementation
  • Configuration
  • Tuning
  • Maintenance

Solution Design and Engineering

Before an effective security solution can be created for a department or school, Pitt IT Security must first assess and understand the client's operating environment. Pitt IT Security works closely with a client to analyze the threat landscape and learn more about the department's operational processes and data assets. Once all of the inputs are collected and assessed, Pitt IT Security will guide a department in:

  1. Designing security systems
  2. Implementing necessary controls
  3. Evaluating the need for security systems and recommending best options
  4. Designing and implementing a security framework

Depending on the requirements, suggestions for ensuring departmental security may include CIS Controls, ISO, and NIST. Pitt IT Security will help you choose a framework that effectively tracks the progress of its implementation, while prioritizing steps.

  • System and cloud configuration
  • Data flow diagrams