Andrew Jaquith asks - given Heartland is it time to revisit old security models?
Umm...no...the time to revisit your old security model was when SOAP and XML came out about 9 years ago. Once those technologies were there, it was only a matter time that everything was going to be connected. What did security do? They kept the same security model from 1995.
Software changes at a furious pace, the majority of Information Security is fourteen years behind and counting. This leaves oceans of space for attackers, and since developers spent the last 9 years connecting everything to everything else, there is plenty of incentive.
This is your captain speaking - expect turbulence ahead.
Comments