Software application development
This blog is intended to provoke discussion and exchange between like minded software application developers, engineers, architects, project managers - and keen hobbyists too.
Sunday 16 September 2007, 2:55 PM
Spiralling security solutions
Securing data while it travels between applications, business partners, suppliers, customers and other members of an extended enterprise is crucial. As enterprise networks continue to become increasingly accessible, so do the risks that information will be intercepted or altered in transmission.
Was this an inevitability you may ask? Well, more technology, more data and more users equals more potential pitfalls and problems. An increasingly litigious society and wildly proliferating web-based corruption hasn’t helped either I guess. How many times have you been offered the chance to send 50,000 dollars to invest in an untapped goldmine in Sierra Leone this year?
Building secure networks with new levels of encryption, firewalls and biometric passwords has become an industry in itself. Just look at the NSA in the US or our own MI5 (hi guys – if your scanners picked that one up) as an example.
The future then, what’s next? Well many companies have a security policy and the more progressive among them also manage and maintain a vulnerability management programme. This is primarily to ensure that the organisation uses and regularly updates anti-virus software on all applications and secondly, that they develop and maintain secure systems and applications.
PreviousComments on this post
I hear you Adrian (reading the blog..no scanning honest).
Security cannot continue to grow with the complex defensive paradigm.
Deperimeterisation is one idea being pimped by the jericho forum but it is only a concept and cannot yet be implemented.
There is another idea which is to use approach like Argos does with stores. An ordinary store will allow a person in and they can browse around for what they want and hope they be honest and pay. various counter measures in place but theft occurs still.
In Argos only after you have been fully validated to you get only the bit you have paid for. Huge reduction in security counter measures. Security is designed in rather than added on.
The computer security system I have seen only allows the applications allowed by that user outside. The pre validated client (2 factor authenticated built in) machine is never allowed in and cannot snoop the network. Menus are non changable by the user, removing the opporutunity of hacking your way up the access tree.
The whole system is designed to be run so no installs and can actually function from special USB key with readonly and hidden sections. Therefore no need for IT to build a fully vetted machine.
If everyone worked this way then it is easily possible to kick all users off the server network and havethem logon to a fast segment with printers etc but no direct connection to the server network.
Add onto this the ability of presenting , Web functions, RDP, Citrix and full clients. All at the cost of a popular token system. Massive reduction in TCO and a shrinking and designed in hardening of the network.
I know it sounds to good to be true but whenI found out Deloitte auditors tried for 6 months to break it and failed. Hmmmm somthing worth a look. The product is G/On and the website is www.giritech.com (A Danish company !! i know and i thought all they did was bacon?!?!)
