Corien Vermaak, Cybersecurity Partner Specialist
The Jericho Forum commandments define both the areas and the principles that must be observed when planning for a de-perimeterized future. Whilst building on “good security”, the commandments specifically address those areas of security that are necessary to deliver a de-perimeterized vision. The commandments serve as a benchmark by which concepts, solutions, standards, and systems can be assessed and measured.
Fundamental
1.The scope and level of protection should be specific and appropriate to the asset at risk.
- Business demands that security enables business agility and is cost-effective.
- Whereas boundary firewalls may continue to provide basic network protection, individual systems and data will need to be capable of protecting themselves.
- In general, it’s easier to protect an asset the closer protection is provided.
2. Security mechanisms must be pervasive, simple, scalable, and easy to manage.
- Unnecessary complexity is a threat to good security.
- Coherent security principles are required which span all tiers of the architecture.
- Security mechanisms must scale; from small objects to large objects.
- To be both simple and scalable, interoperable security “building blocks” need to be capable of being combined to provide the required security mechanisms.
3. Assume context at your peril.
- Security solutions designed for one environment may not be transferable to work in another.
- Thus, it is important to understand the limitations of any security solution.
- Problems, limitations, and issues can come from a variety of sources, including geographic, legal, technical, acceptability of risk, etc.
4. Surviving in a Hostile World.
- Devices and applications must communicate using open, secure protocols.
- Security through obscurity is a flawed assumption – secure protocols demand open peer review to provide robust assessment and thus wide acceptance and use.
- The security requirements of confidentiality, integrity, and availability (reliability) should be assessed and built in to protocols as appropriate; not added on.
- Encrypted encapsulation should only be used when appropriate and does not solve everything.
5. All devices must be capable of maintaining their security policy on an un-trusted network.
- A “security policy” defines the rules with regard to the protection of the asset. Internet; e.g., will not
- Rules must be complete with respect to an arbitrary context.
- Any implementation must be capable of surviving on the raw break on any input.
About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow’s digital opportunity today Discover more at newsroom.cisco.com and follow us on Twitter at @Cisco.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco’s trademarks can be found at www.cisco.com/go/trademarks.
————————————————————–
Have you checked out the new WhichVoIP.co.za website as yet? Benchmark your services against your peers, have a look at what your competitors are doing, get listed in the best Telecoms provider directory in South Africa, and advertise on the site to attract customers to your page where you can view page hits, respond to reviews, load adverts, and more.
Visit WhichVoIP.co.za or jump to a leading comparison section:
- Compare VoIP providers
- Compare Hosted PBX providers
- Compare Telephone systems
- Compare VoIP phones
- Compare Fibre offers
- Compare Wireless providers
Enjoy the site!
————————————————————–