Should IT departments ring fence systems like walled fortresses, or adopt a more open policy where people have general access but different security clearance levels for specific areas?
That, in essence, will be the debate taking place at the Infosecurity Europe conference on 26 April, when IT security directors from blue chip companies will argue the case for and against security architecture based on the deperimeterised model.
Speakers will include Nicholas Bleech, IT security director at Rolls-Royce, Dan Blum, senior vice-president and research director at Burton Group, and Paul Simmonds, global information security director at ICI. The session will be chaired by Richard Starnes, president of the UK arm of the Information Systems Security Association.
Another debate at the annual Infosecurity Europe exhibition and conference, which runs from 25-27 April at London's Olympia, will probe whether the business advantages of voice over IP outweigh security concerns.
With use of VoIP predicted to treble annually over the next few years, top IT security directors will debate the opportunities, projection of costs and nature of the security threats.
With panelists including John Meakin, group head of information security at Standard Chartered Bank, and Andrew Yeomans, vice-president and global IT security director at DresdnerKleinwortWasserstein, this session will be strongly rooted in practical experience.
Another key issue to be addressed at the conference is how best to tackle the growing challenges of regulatory and legislative compliance. Compliance is necessary to reduce risk for businesses of all sizes, but at what point does a risk-averse strategy harm development and enterprise?
Jeremy Beale, head of e-business policy at the Confederation of British Industry, will chair a session examining these issues, not only for large organisations but also for small and medium-sized businesses. Andreas Wuchner, chief information security officer at Novartis, Paul Davis, IMS director at Simons Group, and two IT lawyers will discuss how to get the right balance.
The last conference session of Infosecurity Europe, and one of the most popular each year, is the Hackers Panel. This year the panel of experts will discuss the motivations for hackers and also provide a practical demonstration exposing some of the myths relating to computer hacking.
Chairman of the session will be author Robert Schifreen, who, in 1985, was the first person in the world to be tried by a jury in connection with computer hacking. He was acquitted on appeal and also by the House of Lords, but his case paved the way for the Computer Misuse Act in 1990.