Babel Enterprise
Risk Evaluation
The use of Babel Enterprise as a global tool of security management implies his adaptation to audit environments fully "theorical" where the environment could be no technical. The last objective of Babel Enterprise to fulfill this need is to be able to realize an audit at great scale in an organization that despite being very big wouldn't have any computer or any software agent displayed and any processing of information through collectors of any kind.
In this kind of environments and with Babel Enterprise structure, an agent could be a computer that has got the DDBB with all personal data of employees or the closet where they are kept, between others documents, the contracts of all the employees of the organization. Through concepts of Location and Resource, assets can be managed from a "physical" point of view:
- Location: Allows to evaluate risks regarding its situation and rise the risk of mobile devices. With the Location, the physical aspects of the security are incorporated.
- Resource: It could be a table of a database, a portable hard disk or a paper document. One Resource can be contained inside other, and all of them associated to an agent. Each resource has his level of criticallity and his location.
Babel Enterprise manage these assets, and allows to define the specific risk for each asset. Besides, it could obtain an automatic valuation of that risk from other sources:
- Software Agents, check the level security of the system and its hardening.
- External Sources, tell us if our asset has additional risks, such as virus, vulnerabilities, etc.
- Internal Sources, regulations that tell us that our asset is insecure because it doesn't fulfill some legal requisites.
The inclusion of resources definition by Agent allow us to realize and keep in a centralized way an inventory of security asset. This allows to improve the risk calculation according the criticallity of the asset, considering this as the media of the criticallity of the agent and the resources that it contains.
Babel Enterprise
Risk Evaluation
The use of Babel Enterprise as a global tool of security management implies his adaptation to audit environments fully "theorical" where the environment could be no technical. The last objective of Babel Enterprise to fulfill this need is to be able to realize an audit at great scale in an organization that despite being very big wouldn't have any computer or any software agent displayed and any processing of information through collectors of any kind.
In this kind of environments and with Babel Enterprise structure, an agent could be a computer that has got the DDBB with all personal data of employees or the closet where they are kept, between others documents, the contracts of all the employees of the organization. Through concepts of Location and Resource, assets can be managed from a "physical" point of view:
- Location: Allows to evaluate risks regarding its situation and rise the risk of mobile devices. With the Location, the physical aspects of the security are incorporated.
- Resource: It could be a table of a database, a portable hard disk or a paper document. One Resource can be contained inside other, and all of them associated to an agent. Each resource has his level of criticallity and his location.
Babel Enterprise manage these assets, and allows to define the specific risk for each asset. Besides, it could obtain an automatic valuation of that risk from other sources:
- Software Agents, check the level security of the system and its hardening.
- External Sources, tell us if our asset has additional risks, such as virus, vulnerabilities, etc.
- Internal Sources, regulations that tell us that our asset is insecure because it doesn't fulfill some legal requisites.
The inclusion of resources definition by Agent allow us to realize and keep in a centralized way an inventory of security asset. This allows to improve the risk calculation according the criticallity of the asset, considering this as the media of the criticallity of the agent and the resources that it contains.
