Ads by TechWords

See your link here
Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Secure information sharing and the data residency dilemma

May 27, 2004 12:00 PM ET

Computerworld - One of the top priorities for companies today is information sharing with a vast ecosystem of external entities, ranging from business partners and suppliers to customers. In the wake of a landslide of security threats and breaches, security is one of their top concerns, especially how to best extend organizational boundaries and where to centrally locate shared data.
There are dozens of technologies for information sharing, and they generally approach the problem in one of two ways. The first approach extends the infrastructure at the network level, using tools such as IPsec virtual private networks (VPN) and leased lines. These technologies create significant security challenges when extending network access to partners, customers and suppliers. Each one of these parties essentially becomes part of the enterprise network, but do you really want your business partners to have this full access, which can increase the likelihood of these parties voluntarily or accidentally introducing security risks?
Many companies try to overcome these security risks with a duplicate network -- literally a separate, redundant network that outsiders can join, either over the Internet (via VPN) or a leased line. While this may limit exposure of sensitive information, it's very expensive.
The second approach is to extend the organization on the application level with technologies such as Secure Sockets Layer VPNs and Web collaboration applications. Unlike network extensions, the application approach allows access to a predefined set of resources without having to allow complete access to your internal network.
Inside or outside the firewall?
If the company chooses to extend the organization at the application level, it faces a critical architectural decision: Should shared data reside inside or outside the firewall?
One approach to application extension is to keep information servers inside the firewall, within the enterprise's network. Middleware can function as a liaison between the internal data and the external users. This approach doesn't force the duplication of information and leverages existing security within the network, reducing investments in extra infrastructure and administration.
However, this architecture contains an unassailable hurdle: a hole needs to be opened in the firewall to enable the external middleware to access the internal information. This tunnel can be used to break into the enterprise network, initiating a domino effect that could cause significant damage or downtime.
Due to this potentially devastating result, it's not sufficient to minimize the risk by implementing security technologies and policies. Thus, the only satisfactory solution is to block all access from the outside world into the enterprise network. An analogy to illustrate the perimeter



Additional Resources

POLL RESULTS
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

MarketVibe: Communications and Collaboration Needs at Business Organizations
In April 2009, IT and business leaders were invited to participate in a survey on business communications and collaboration solutions. The goal of...  

How to Reduce Eclipse BIRT Development Effort for Data Visualizations
Web applications can come with a long list of visualization requirements for structured data. By delivering your output through the BIRT Interactive Viewer,...

The Value of Network and Application Visibility by Aberdeen
This survey-based paper analyzes best practices for improving application visibility and analysis. This paper can help serve as a guideline for organizations looking...  

Legacy IT Modernization - Practical Reality
(Source: BluePhoenix) Corporate budgets continue to tighten. Organizations are looking at ways to reduce operating costs and eliminate unnecessary expenses while at the...

The CIO's New Guide to Design of Global IT Infrastructure
Is it possible to eliminate the impact of distance? This paper explores the 5 key principles successful CIOs are using to redesign IT...  

Interactive Guide: Getting Started with Data Governance
In this online interactive guide, Andrew White, Research VP with lead analyst firm Gartner, answers these questions to help get you on the...

2007 Gartner Magic Quadrant Report
Riverbed positioned in Leaders Quadrant of Gartner Magic Quadrant for WAN Optimization Controllers. Analyzing strengths vs. cautions, Gartner helps organizations looking to acquire...  

Why Now is the Right Time for the Linux Desktop
(Source: Novell) Faced with tighter budgets, enterprises are rethinking their desktop strategies to deliver the same - if not better - services and...

Five Steps to Successful IT Consolidation
Has your Enterprise made the strategic decision to consolidate remote site IT infrastructure into central data centers? Then you have probably discovered that...  

Agile Enterprise Content Management (ECM) for Rapid ROI
(Source: IBM) Content rich business processes are a core feature of daily operations at just about any organization today. Very often these essential...

 

SAS Information Management Kit

SAS is the leader in business intelligence and analytical software and services. Only SAS offers leading data integration, storage, analytics and business intelligence applications within a comprehensive enterprise intelligence platform. SAS gives 97 of the top 100 companies in the 2007 Fortune 500 THE POWER TO KNOW®.

Webcast: The Information Management Roadmap
Imagine high-quality data, cleansed, analyzed and delivered throughout your organization. Join Computerworld, IT visionary Thornton May and a panel of experts to learn how SAS® can help you make it happen.

View this webcast 
Research Report: Information Management Initiatives at Midsize and Large Organizations
See the top-line results of this Computerworld sponsored survey to see how IT and business leaders are handling information management implementation.

Download this report 
White Paper: Information Management: Better Information for Winning Decisions.
This white paper explains how the SAS Information Evolution Model aids companies in assessing how they use this information to make strategic decisions and drive business.

Download this white paper