High on the list of integration concerns, that is, making two applications talk to each other and share information or data, is ensuring that security exists between the two applications.
Another security concern is that if you choose an on-demand vendor or system, that information your company owns is sitting outside of your corporate firewall. How do you ensure that data is secure?
Many times, not knowing how to examine the issue or ask the right questions gets in the way of a company choosing the best solution for their needs. This is the tail (of security) wagging the dog (business need and the best functional solution).
I am interested in starting a series of posts that will explore and examine the whole notion of security in a way that will make sense to non-technical folks, so that any issues that arise in the application evaluation process can be thoroughly examined and explored so the best solution can be selected.
The internet has brought to light the need for security, and most of us use the internet to access our bank statements, purchase products or services, and send and receive all manner of emails.
Most of us are familiar with the lock at the bottom of our browser that shows up when we are viewing something securely, or we are completing our credit card purchases. That is the main security technology that most of us are familiar with -- SSL: Secure Sockets Layer.
About.com has the following definition of SSL:
"SSL security technology helps to improve the safety of Internet communications. SSL is a standard for encrypted client/server communication between network devices.
A network protocol, SSL runs on top of TCP/IP. SSL utilizes several standard network security techniques including public keys, symmetric keys, and certificates. Web sites commonly use SSL to guard private information such as credit card numbers."
The Visa website talks about SSL like this:
"SSL provides you with sound privacy protection by encrypting the channel of communication between you and the consumer. Using a mathematical formula, SSL puts the information you exchange into a complex code. Think of it as a kind of armor over the information. Even if intercepted, your data would be extremely difficult to read."
Basically, SSL provides point-to-point security between Server A and Server B, so that data that passes between the two applications is secure in it's transport.
To truly integrate applications safely, however, there are a few more security concerns that we'll cover in subsequent posts... just know that distributed systems have existed for over 20 years, and the Internet is making it easier and easier to create the cross-organizational integration of work and systems that will lead to greater productivity and greater potential for effectively using technology for business advantage.
