Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

Enabling Secure Anywhere Access in a Connected World

Enabling Secure Anywhere Access in a Connected World

  • Comments 1
  • Likes

A few times each year, Bill Gates or Steve Ballmer publish an executive memo. The first memo was Bill's essay on trustworthy computing, in July 2002. Today Bill has a new memo, one that is very important for all of us who strive to achieve a balance between being secure and, well, getting work done.

Some of my favorite points from the memo:

  • [It] is no longer a question of the power of our devices and the speed of our connections. The real issue today is security. Ultimately, anywhere access depends on whether we can create and share information without fear that it will be compromised, stolen, or exploited.
  • No company is immune to the danger. Malware targets products from virtually every software vendor. Every business is vulnerable to the risks that come with unauthorized access to corporate information.
  • ...striking the right balance is extremely difficult. Easy access speeds communications but increases the danger that confidential information will be exposed. Stringent security measures reduce risk, but can make it too difficult for employees to access information or communicate with customers and partners and too complex for IT professionals to deploy and manage solutions.
  • ...new technologies for managing the way people and information move between corporate networks and the Internet are essential. In the face of a rapidly evolving threat landscape, the firewall...is no longer adequate.

Several times in the memo Bill mentions the importance of policy. Most of you have probably heard me speak of similar ideas. Policy-based security allows us to finally divorce information protection from the mechanism used to transmit that information. This is essential because the ubiquitousness of mobile computing demands it. Regardless of where information is stored, how it is transmitted, policies that apply to the information will move everywhere with it. We will no longer be constrained by the topologies of any particular network, because the network will lose its role in managing access to information and revert to the single thing it does best: move bits around as fast as possible.

Comments
  • Steve,

    I think ultimately this policy-based approach is the only way to go. After all, where does code execute, where are fragments re-assembled, where is the 'stuff' that the malware authors are after... answer: on the end-points. There is only so much mileage to be had out of building more and more intelligence into the network, and the overhead in terms of cost & performance of network devices to keep pace with things is dramatic.

    This secure anywhere access means that the 'content' is king. It doesn't matter where you are or how you want to connect, all you care about is access to your data. From my perspective in the UK I can see several media groups here jostling for position in the marketplace currently. There will very soon be a bloody battle fought by the Marketing departments of these organisations to win the right to deliver services to the consumer. What used to be disparate services will merge, the edges will become blurry; TV, music, film, web-access, messaging etc will all just become 'content' from your chosen provider.

    I just hope that behind all the whizz-bang marketing messages there are genuinely secure services and apps. The consumer is about to be bewildered by the choices coming his way -  and will then proceed to bring this new 'content' into the workplace with him. You might say that there is going to be a consumerisation of our corporate networks in the near future!

    Mark.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment