The future of network security

You can deploy encryption in networks or endpoints. In either case it can be a mixed blessing. Encryption protects data passing across hostile networks, but can be a barrier to content analysis.

Although encryption use continues to grow, there will always be plenty of cases where endpoints and applications need to communicate "in the clear". In fact there is a trend for end systems to de-fragment into networks of smaller devices, often with no encryption capability. We've gone from mainframes to personal-area networks. Eventually we'll get to smart dust and nanotechnology. Network security will be vital to maintaining system control.

The future of network security might be far from clear-cut. One thing is clear - it will certainly be richer and more sophisticated than we've seen so far. Determining how to plan for a business environment in which everyone is connected and security expectations are high is not trivial. We all have to do it.

Following are 10 questions to ask yourself when determining your own future security architecture.

1. Can you harden your critical legacy applications to operate across hostile open networks?

2. Should you aim to secure your wireless networks?

3. What is the most appropriate strategy for encrypting enterprise and third-party communications?

4. Does your use of encryption present a potential entry point for malware or inappropriate content?

5. How can you best enforce the "acceptable-use" policy?

6. What is the best strategy for enterprise identity management?

7. How do you plan to control third-party users?

8. Should you block or simply alert on suspected intrusions?

9. Should intrusion-prevention systems be sited on hosts or in networks?

10. Should antimalware defenses be incorporated into clients or networks?

Lacey is founder and honorary member of the Jericho Forum, an organization pushing for innovation in e-commerce security. Lacey's background includes two decades working in chief information security officer positions at the U.K. Foreign Office, Royal Dutch/Shell Group and the Royal Mail Group.