ASP Industry Consortium Issues Guidelines for Security; New Committee to Target Key Issues for ASPs, Customers.Business/Technology Editors COMDEX The former, premier computer trade show in the U.S. Although it grew into an end user event, it was originally created for dealers and distributors (it was the COMputer Dealers EXposition). Fall 2000 LAS VEGAS--(BUSINESS WIRE)--Nov. 14, 2000 With surveys showing security to be the top issue of concern among application service provider (ASP) end users, the ASP Industry Consortium (Application Service Provider Industry Consortium, Wakefield, MA) A now disbanded trade organization founded in 1999 dedicated to research and standards in the application service provider (ASP) industry. has launched a security initiative within its Technology Committee and published a guide that highlights important security issues both vendors and customers need to be aware of. The "Key Security Issues for ASPs and Their Customers" booklet was unveiled today during a press conference with ASP Industry Consortium officials at COMDEX Fall 2000 in Las Vegas Las Vegas (läs vā`gəs), city (1990 pop. 258,295), seat of Clark co., S Nev.; inc. 1911. It is the largest city in Nevada and the center of one of the fastest-growing urban areas in the United States. . The booklet, available through the ASP Industry Consortium web site at www.allaboutasp.org, is a product of the Security Subcommittee sub·com·mit·tee n. A subordinate committee composed of members appointed from a main committee. subcommittee Noun , which has been formed within the Consortium's Technology Committee. "The mission of this new subcommittee is to define and highlight the best security practices in the ASP marketplace through white papers and case studies," noted Pavel Slavin, director of global systems for Argus Systems Group, Inc., who chairs the Security Subcommittee. "Our vision is to ensure that ASP customers receive a secure, unique connection from desk-to-data, with equal security protection in place at all levels of access." The Security Subcommittee will focus its efforts through four specialized spe·cial·ize v. spe·cial·ized, spe·cial·iz·ing, spe·cial·iz·es v.intr. 1. To pursue a special activity, occupation, or field of study. 2. working groups, each responsible for developing guidelines guidelines, n.pl a set of standards, criteria, or specifications to be used or followed in the performance of certain tasks. for best security practices in its particular area of concentration, Slavin explained. The four working groups are: -- Network Security Working Group - Responsible for establishing best security practices guidelines for securing the network component of the ASP infrastructure. -- Platform Security Working Group - Responsible for evaluating technologies that extend network security to the platform level to create a single comprehensive security environment. -- Integration Security Working Group - Responsible for defining the practices necessary to develop and implement a security architecture and the associated operational security processes. -- Security for SLA Working Group - Responsible for developing security-relevant information for ASP service level agreements (SLAs). While each of these working groups will concentrate on defining and highlighting best security practices, other groups within the subcommittee will explore real-world implementation of these practices through extensive security case studies, Slavin added. "Although security risks in the ASP environment can never be eliminated entirely, an ASP can help minimize these risks by paying particular attention to three key aspects of overall security: network security, platform security and integration security," Slavin said. "Only by taking steps to ensure all three types of security can an ASP establish a security environment that adequately protects both its customers' interests and its own." The guide highlights those three key areas - network security, platform security, and integration security - that require special attention from ASPs, and offers first steps toward understanding security options for those areas. It also advises on some initial steps customers can take to enhance the security of their applications and systems, such as creating an organizational security policy or requesting third party security audits. "The ASP delivery model has not only inherited inherited received by inheritance. inherited achondroplastic dwarfism see achondroplastic dwarfism. inherited combined immunodeficiency see combined immune deficiency syndrome (disease). many security risks common to any information technology (IT) environment, but also introduced new concerns that arise from having a third party host and deliver business-critical applications and systems," said Slavin in explaining the need for his committee's work. "Our overall goal is to alleviate those concerns by helping ASPs better understand their customers' security needs, while at the same time instilling in·still also in·stil tr.v. in·stilled, in·still·ing, in·stills also in·stils 1. To introduce by gradual, persistent efforts; implant: "Morality . . . customer confidence in the ASP computing computing - computer model," he concluded. A host of information relating to relating to relate prep → concernant relating to relate prep → bezüglich +gen, mit Bezug auf +acc security and other ASP topics can be found at the Consortium's web site, www.allaboutasp.org. About the ASP Industry An application service provider manages and delivers application capabilities to multiple entities from data centers across a wide area network, giving customers a viable alternative to procuring Procuring, in general, is the act of acquiring goods or services, usually by contract. It may refer to:
Though the ASP market is relatively new, computer industry analysts foresee fore·see tr.v. fore·saw , fore·seen , fore·see·ing, fore·sees To see or know beforehand: foresaw the rapid increase in unemployment. rapid growth and multi-billion-dollar annual sales within the next few years. End users cross industry lines and include anyone from the small office/home office See SOHO. (SOHO Soho (sōhō`, sə–), district of Westminster, London, England, known for its continental restaurants. Once a fashionable quarter, it became popular among writers and artists in the 19th cent. ) client to large corporations and from complex businesses to specific verticals. About the ASP Industry Consortium Founded in May of 1999, the Application Service Provider Industry Consortium is an international advocacy group of more than 700 companies formed to promote the application service provider industry by sponsoring research, promoting best practices, and articulating the measurable benefits of this evolving delivery model. Its goals include educating the marketplace, developing common definitions for the industry, as well as serving as a forum for discussion and sponsoring research. Among the technology sectors represented among the ASP Industry Consortium membership are Independent Software Vendors (ISVs), Network Service Providers (NSPs), Application Service Providers (ASPs), as well as emerging business models and other sectors supporting the industry. Information on the ASP Industry Consortium - including a full list of member companies - is available at www.allaboutasp.org or by contacting the Consortium's headquarters at: ASP Industry Consortium, Inc., 401 Edgewater Place, Suite 500, Wakefield, Mass. 01880; Tel: 781-246-9321; Fax: 781-224-1239; e-mail info@aspindustry.org. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion