QOTD - Jaquith on Zero-Trust Model of Information Security

This article, written for ComputerWeekly.com by Forrester Research's Andrew Jaquith, is a must-read in its entirety. Here's a snippet to whet your appetite:
Successfully controlling the spread of sensitive information requires inverting conventional wisdom entirely, by planning as if the enterprises owned no devices at all.

Forrester calls this concept the "zero-trust model of information security", centered on the idea that security must become ubiquitous throughout your infrastructure. Simply put: treat all endpoints as hostile.
Some of the important concepts include:
* Thin client: process centrally, present locally
* Thin device: replicated data, with device-kill for insurance
* Protected process: local information processing in a secure "bubble"
* Protected data: documents protect themselves regardless of location
* Eye-in-the-sky: know when important information leaves
Src: Own nothing – control everything: five patterns for securing data on devices you don’t own - 08/09/2010 - Computer Weekly
