Jericho Forum unveils new security framework for online usage

Known as the Collaborative Oriented Architecture (COA) framework, the best practice guidelines are an evolution of the Forum's `secure de- perimeterisation' approach to company security of a few years ago.

At the Forum's spring conference hosted at the Infosecurity Europe show in London on Tuesday, senior members of the Jericho Forum, along with security officers from Boeing, ICI, Eli Lilly and Rolls-Royce, were on hand to explain the new framework.

Andrew Yeomans, chairman of the Forum's Solutions Working Group, told Infosecurity Magazine that the COA framework builds on the secure approach to de-perimeterisation concept, which was one the main fortes of the Forum when it was launched back in 2003.

"It brings many of our security ideas up to date in the modern world of collaborative working," he said, adding that the framework was now open for discussion and analysis by the IT security industry.

The Forum has published a white paper on secure COA at http://tinyurl.com/6a768b .

COAs are defined as information architectures that comply with a de-perimeterised framework, and allow corporates to operate a secure and reliable IT infrastructure, even in an environment where VPNs, virtual server and `no-boundary' networks are used.

According to the Jericho Forum, as mergers and acquisitions occur, and the use of social networking makes security much harder for the police and other government agencies, COA becomes vitally important.

"The old risk model simply doesn't cut it any more," said Adrian Seccombe, a Forum board member and a senior enterprise information architect with Eli Lilly.

"Unless organisations transform the way they perceive, execute and manage risk, and architect for change, they will not only leave themselves exposed to growing security threats, they will also be left standing in competitive business stakes," he said.

"We need to move away from an economic model based on the standalone enterprise to a collaborative model based on guilds where competence is the driving force," he added.

www.jerichoforum.org

What’s hot on Infosecurity Magazine?