Articles

Are you following Jerichos 11 Commandments?

The Jericho Forum (www.jerichoforum.org), launched in 2006, is a pressure group comprising heads of security in major corporations. It was set up to encourage security suppliers to interoperate through relevant standards and protocols; to enable their products to work outside firewalls; and to stem the proliferation of “me too” products.

The forum has compiled a list of 11 questions, or ‘Commandments’, that they feel Innovators need to consider:

  1. Does your innovation enable a scope and level of protection that is specific and appropriate to the asset at risk?
  2. Is the security mechanism of your innovation simple, scalable, easy to manage and interoperable?  How?
  3. Is your security product transferable across environments? Can it be used globally? Outline any geographic, legal or technical limitations.
  4. Does your innovative security solution communicate using open secure protocols? Which major ones do you NOT support?
  5. Can your products survive on the raw internet?
  6. Can you support transparent levels of trust for people, processes and technology to enable variable trust levels (e.g. by location, user role)?
  7. How do you ensure that your innovation and its users are capable of appropriate levels of mutual authentication and access authorisation?
  8. Does your authentication, authorisation and accountability interoperate outside your area of control? How?
  9. How does your innovation allow access to data to be controlled by security attributes of the data itself. Can it accommodate temporary access rights?
  10. Does your innovation enable segregation of controls (permissions, keys, privileges, including administrator access) to enable data privacy?
  11. By default, is data appropriately secured in storage, transit and in use?


Conformance to the Jericho Commandments will go a long way to ensuring your Innovation is future-proofed, and also allow you to leapfrog the queue to influence Chief Information Security Officers in global corporations. To see the Commandments in detail, visit: www.jerichoforum.org

We do not expect you to conform to all of these points, but it is important for Innovators to appreciate how those responsible for global corporate security and risk are gearing up for the future.

So keep these Commandments uppermost in mind and ensure your innovations have the best possible chance of being adopted.




 

None Found