The Bleeding Edge: Time for a Full-Court Press

 

It’s obvious that the present bromides for implementing IT security are ineffectual.  IT departments have implemented two-phase authentication, encryption and federated identity management. They are working to implement biometric means of authentication along with a public key infrastructure and e-discovery analytic tools. What is really called for is a transformation in how IT treats security. This must be the priority for 2009. The reasons are too numerous and they can’t be disputed. We’re reading more stories about hackers’ exploits. Most upsetting is that they’re wreaking more havoc every year.

There is a wildcard lurking, and perhaps it will be linked to the upcoming U.S. Presidential election. Anything is possible--a cyber attack on the final presidential vote count, possibly triggering a constitutional crisis. While it is too late to deal with such a wildcard, the mere prospect of its occurrence will bring the issue to the forefront. We propose key strategies that IT will have to promote, plan and implement that go far beyond what is being done today.

Identity Management 3.0
The first generation of identity management consisted of application-level security.  We are implementing the second generation based on two approaches: federated identity management (a centralized approach) and user identity management (a networked …

Please log in or sign up below to read the rest of the article.