BPuhl’s Blog

A little bit of everything without actually being much of anything

Security Evolution

Posted by BPuhl on February 21, 2009

My buddy Dan who used to work in Microsoft IT Security, and is now working over in the Information Protection product group (mostly known for RMS) wrote a doc back in 2005 on the evolution of security in the enterprise.  He had been asked for the doc so many times that he posted it to a blog about a year ago, but whenever I start thinking hard about federation, application authorization, claims based identity, and all of the other “fun” topics which make my days interesting, I occasionally need to go back and remember that being in IT is as much about where we are “at”, as where we are “going”.

This is the main graphic from the document:

evolution-of-security-controls-graph-only

From what I can tell, we are somewhere around the little tick mark that separate “near term” from “mid term”.  Things like IPSec, NAP, Windows Firewall, etc… have all done a pretty good job of moving the security from the network boundary to the host.  With Windows Server 2008 R2, Microsoft has finally productized Direct Access – which I can now admit that I have been happily been using for 2-3 years now, and probably couldn’t live without.

But when I think of the challenges in the identity space around federation, the separation between personal and business data, and how we’re going to protect the enterprise when everything is in the cloud – I can’t help but to think that maybe the arc on that “data” line is (unfortunately) a little too steep.  As hard as we try internally, the adoption around data protection is still far below what we need it to be.

Progress takes time, and I like working with the IPC team as they have a great things planned for the future.  Like everyone else though, it’s hard for me to “wait for the next release” to get the features I need.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: