Paul Simmonds, chief information security officer of
ICI, has been made redundant following the acquisition of the
chemicals firm by Akzo Nobel, which was completed in January
2008.
Simmonds worked for ICI for seven years and in 2003 helped form
the Jericho
Forum, a group comprising a number of bluechip businesses. Its
aim is to change the way the IT industry secures networks.
Rather than secure network perimeters with firewalls, Simmonds
and the Jericho Forum suggested that the network needed to be open
(or
deperimeterised)
to support businesses partnerships.
Speaking to Computer Weekly last week, Simmonds said the
Jericho approach has made a considerable impact, both to the way
the IT industry now treats security and the ideas of
deperimeterisation adopted at ICI.
He said security products should not differentiate between
securing the internal network and the internet. "Symantec
Enterprise 11 espouses the Jericho principles."
"Everything we have done at ICI has been based on the idea of
de-perimeterisation," he said. So when the company implemented
PeopleSoft, Simmonds said it was implemented in a way that meant
the internal network was considered as insecure as the public
internet. When ICI decided to implement an online expenses system
using a secure internet site managed by ICI American Express, the
PeopleSoft system did not need to be reengineered to support
Internet acccess. "We saved a lot of money by taking that
decision," he said.
De-perimeterisation was also used during Akzo Nobel's
acquisition of ICI. "When Akzo Nobel bought ICI it needed to see
our networks and this involved building a trust relationship
between the two companies' Windows Active Directories." Such a
trust is model one of the principles of the Jericho Forum.