- Image via Wikipedia
Gartner releases the top 10 technologies to watch for the next 3 years. All of them are going to require new and novel ways of looking at information security, and the approaches we will take to information security. Are you ready?
The Gartner list top 10 technologies to watch in the next 10 years is:
1. Virtualization
2. Cloud Computing
3. Servers beyond blades
4. Web oriented architectures
5. Enterprise mashups
6. Specialized systems
7. Social software and social networking
8. Unified communications
9. Business intelligence
10. Green IT
All of these are going to require different ways of managing information security. All of these have privacy implications, data management implications, and a host of other implications that will alter the standard Firewall rule/ACL/IDS/IPS style of systems.
Three of the rule busters are going to be Web Oriented Architectures, Business Intelligence, and Social Software/networking. Not because they are new, but because they all can be visualized through the browser, meaning all the browser vulnerabilities suddenly become more than just a desktop issue. If a bad guy can latch into the java, C#, PHP, Ruby on Rails back end, much like hackers take over SQL servers today, well all that Business Intelligence is going to be very valuable to hackers, competitors and governments.
Should we change the security model in browsers? Most likely, just to cut down on the thoughts of data theft through the browser.
This is also going to cause compliance issues, how to make something HIPAA or SOX compliant that relies on cloud computing.
This is also going to cause privacy issues because it will be easier to have the most stringent privacy laws in place than it will be to individual privacy policies depending on domain, access point, and what data is being accessed.
This is going to require a complete rethink of many of the tried and true security measures that we have in place. Some of the old standards will still work; there is no replacement for the firewall or the IDS/IPS. Nevertheless, we will need a better solution for logging to meet compliancy. We will need better understanding of global privacy policies to make all this work. Moreover, we will need to work with business to make all this happen in such a way that the business does all this safely and still does due diligence and due care.
It is a great time to be a security engineer.
Tags: top 10, gartner, future technology, infosec, compliance, privacy, changes, fun
Related articles by Zemanta
- How ARRA and HITECH provisions affect HIPAA compliance (deurainfosec.com)
- Cloud security fears are overblown, some say (infoworld.com)
- Rise of cybercrime and management responsibility (deurainfosec.com)
- Hacking Ruby on Rails at Railswaycon09 (slideshare.net)
- The Enterprise, the Cloud, and 5 Key Drivers for 2009 (gigaom.com)
- Balancing Computer Security and Innovation – A Talk with RSA’s Art Coviello (xconomy.com)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=c554529e-08ed-4de9-80fb-4aba492f8b23)
I think that business intelligence should be higher on the list, especially since a lot of organizations are focusing on BI to improve revenues and make much needed discoveries.
We’re seeing these technologies being used in the education sector itself. What with students being able to learn from sites like Visible body to sites that help administrators run schools from an online platform e.g. QuickSchools.com and Whipple Hill
Anne – looked at your site it looks cool – are you basing your system in the cloud, and how are you addressing or working with the standard LMS’s that we have out there right now?