Information Technology Reference
In-Depth Information
Table 3.1 (
Continued
)
Source
Impact
Application
development
(
continued)
Selection of object-oriented programming languages,
such as Java and Microsoft's .Net languages, will
affect the manner in which applications access and
manipulate data, compared to traditional languages
such as ANSI C, FORTRAN, and COBOL.
Implementation of a service-oriented architecture
(SOA) development practice can add to the
complexity of an enterprise as well, gaining rapid
application development and deployment capability
at the cost of internal consistency across all
application elements. Retention of legacy applications
within SOA wrappers can further increase complexity
by avoiding the process of legacy software
retirement. Application design and testing for
multiple platforms can add tremendously to the cost
of development.
Interconnectivity
Modern enterprise networks may require connectivity
for external operators, partner organizations, Internet
users, mobile access devices, and a wide range of
implementations that fall outside the technical
envelope that can be mandated within the enterprise
itself. Requirements for encryption, credentials
management, and even the protocols implemented
for access must all take into account the potentially
widely varying solutions presented here. Selection of
an industry-standard platform can help mitigate this
risk somewhat.
Protection
Legislative mandates may include specifi c
requirements that must be addressed in enterprise
planning, such as the Health Insurance Portability and
Accountability Act (HIPAA) requirements for
segregation of Protected Health Information (PHI).
Complexity may also be added where access and
storage mechanisms must include encryption or where
access controls mandate specifi c protocols. Many
governmental and research organizations may need to
impose classifi cation systems for Mandatory Access
Controls (MAC), as opposed to the more common
Discretionary and Role-Based Access Control (DAC,
RBAC) mechanisms used in other enterprises. Careful
planning is required to ensure that resource access is
granted appropriately, denied to unauthorized access
attempts, and reviewed regularly.