The Beacon security program leverages a wide array of security techniques designed to support the layered defense approach, incorporating a variety of security controls, including technical, physical and operational.
Technical Security Controls
Technical controls incorporate common automated security components such as firewalls, virtual private networks (VPNs), and multi-factor authentication techniques. These are established with a focus on limited expert intervention to establish a baseline security posture for the system. Examples of technical security controls include, but are not limited to:
Securing transmission routes (e.g., TLS 1.2 or higher, VPNs);
Protecting endpoints (e.g., Endpoint Detection and Response [EDR] solutions);
Boundary and web application protection (e.g., boundary and web application firewalls);
Solutions that can detect, report on, and prevent intrusions within the environment (e.g., intrusion detection and prevention systems, log monitoring); and
Least privileged access to critical system resources (e.g., role-based access control [RBAC] solutions).
Technical controls also provide a combination of security insights and protections. These controls can be implemented as either preventative and/or detective.
Preventative controls are implemented to reduce and/or avoid the likelihood of a successful threat event. These are designed to narrow the system attack surface and provide active protection of those components that are still exposed in support of normal system operations.
Detective controls are implemented to provide insights into the normal operation of the system and evaluate anomalous activities. These detective controls provide alerts to abnormal actions being taken in the system, allowing for rapid response from automated solutions and approved administrative personnel.
Physical Security Controls
Beacon ensures that any physical security components employed within the platform are under strict physical control. Access is limited to only those staff trained to handle the equipment.
Beacon employs Microsoft Azure cloud to support and operationalize access to data centers. This instills a high degree of confidence that equipment access is controlled and that the appropriate environmental protections are in place. Oversight around physical controls mitigates nefarious activity and ensures systems are both operational and available.
Operational Security Controls
While automation is a critical component of the Beacon security program, the human element is equally critical in ensuring a well-maintained security posture. Such posture requires the implementation of best practices. These include standard operating procedures, checklists, system security reviews, and risk assessments. These processes and procedures overlap and provide a tight support system around the automated controls implemented as part of the Beacon security program. Additionally, the operational controls provide a critical touchpoint for administrators to gauge the relative success of implemented security components and the overall efficacy of the program.