The Jericho Forum is to present IT suppliers with a draft security specification aimed at making products suitable for use by multinational organisations and government departments.
Twenty-six members of the user group, including Airbus, Qantas, Procter & Gamble, Standard Chartered Bank, HBOS, Royal Bank of Scotland, Shell, BP, Royal Mail, ICI and KPMG, discussed proposals last Friday at a meeting held at the Royal Mail Innovation Lab in Rugby.
John Meakin, head of information security at Standard Chartered Bank, said, "We confirmed our overall objective to build a specification to allow businesses to operate in a world where network boundaries are not as defined as today’s [infrastructure]."
He said the group planned to publish a draft specification by the end of the year, which it will distribute to IT security suppliers to encourage them to develop integration between rival products. "Security is still about point solutions," he said. "The objective of the Jericho Forum is to overcome inconsistency [between IT security products]."
Meakin argued that users should not be forced into running a proprietary security model, such as the one proposed by IBM and Cisco, or Microsoft’s alternative architecture.
He said IT security that relies on securing the network perimeter was no longer sufficient for some businesses’ needs.
One example of where this is happening today is oil giant BP. Paul Dorey, the company’s director of global security, said 2,000 users at BP were using the internet as their corporate network, rather than an internal infrastructure.
This sort of architecture is a challenge for traditional models of IT security, which rely on securing the internal corporate network.