Information Technology Reference
In-Depth Information
reduced from 60% to 90% (depending on the investment on infrastructure already
in place) with analogous cost reductions. Overall, the main benefit of this capability
is that it offers organizations of all sizes the flexibility and dynamism they need
in order to quickly exploit new business opportunities. This capability has been
trialled in Business Experiments including one on a Virtual Hosting Environment
for Distributed Online Gaming, which is described in chapter 12 and one on supply
chains in agriculture (AgroGrid), which is described in chapter 11.
8.3 Trust & Security Capabilities
The need for security for agile business operations is so strong that, according to
Gartner (2009), despite the worldwide economic crisis - or possibly because of
it - security aspects such as Identity and Access Management (IAM) remain a crit-
ical investment for enterprises of all sizes and market sectors. Through increasing
business-level visibility led by data-breach headlines, security spendings continue
to rise and take a growing share of overall IT spending. Indeed, IAM alone repre-
sents a growing market which accounted for almost $3 billion in revenue for 2006
(Gartner 2009). According to Forrester (2009), security initiatives will focus on: (a)
protecting data, (b) streamlining costly or manually intensive tasks, (c) providing
security for an evolving IT infrastructure, and (d) understanding and properly
managing IT risks within a more comprehensive enterprise framework.
In order to achieve agility of the enterprise and shorten concept-to-market times-
cales for new products and services, IT and communication service providers and
their corporate customers alike increasingly interconnect applications and exchange
data in a Service Oriented Architecture (SOA). The way businesses interact is there-
fore evolving, to:
• A work environment that becomes pervasive with a mobile workforce
• Outsourced Data Centres and in-cloud services
• Integrated business process with customers and suppliers across value chains
The key security challenges come from this evolution of the way businesses interact,
include:
• Business process integration with customers and suppliers across value chains
• Many sources of identity and policy enforced over shared IT infrastructure
• Manage access to resources in environments that are not under one's control
• Ensure accountability over a mixed control infrastructure
• Collect evidence about policy compliance for diverse regulatory frameworks
• Deperimeterisation of corporate ICT while maintaining acceptable levels of
security in business operations
For security to work, the mechanisms put in place must support, not hinder, such rich
and flexible scenarios. The mechanisms must be flexible and adaptive. In line with
this analysis, security efficiency, with lower costs and improved service, security
effectiveness, including regulatory compliance and business agility and increased
productivity were the three main business drivers of innovation for security in SOI
