Talking with the Deputy CISO of a government organization brought up the topic of front end and back end security. What exactly is this? If you search for these terms you will find this is another gray area in security and IT in general. In application development, specifically web applications, the front end is the interface, what the end user actually interacts with. Conversely, the back end is what the user never sees and usually doesn't care about. In terms of security, and given the context in which this Deputy CISO used the terms, you wonder whether they knew what they were talking about, or whether there was a serious internal threat to be tracked down.
Tracking down internal threats on an enterprise network can be daunting. It goes without saying that you can't shut the network down piece by piece to isolate the threat unless the compromise could result in grave danger or loss of life, and sometimes even that isn't enough. The explanation we received made it seem as if one entity handled the front end security: the web servers, perimeter security devices, and so on. This individual's organization handled what he called the back end. The use of enterprise security management applications like ArcSight was mentioned, so apparently the core back end systems are being dumped into the ESM for analysis. Hopefully, the analysis and effort don't end with the ESM.