Monday, December 1, 2008

TaoSecurity's thoughts on the future


The points he raises are interesting, and some seem very probable. The ones I think are interesting are

Prediction 1: VPN connections will disappear.
"Some of you might limit the type of connection to certain protocols, but why not just expose those protocols directly to the outside world and avoid the VPN altogether?"

This may have some merits, but it makes me uncomfortable. It's quite possible I may be looking at it from a narrow point of view of performing my job remotely, and not looking at normal day-to-day work. Some internal assets such as email, collaborative web tools (ex. wikis, Microsoft Share Point), and code repositories (ex. CVS, SVN) might be able to to be exposed with proper strength of authentication and encryption. However, I would think it would be difficult to do many remote administration tasks securely. Maybe the title implies that the VPN connections dramatically decrease, but not totally disappear?

Prediction 2: Intranets will disappear.

This prediction builds off the previous one. I suppose this is a semantics argument. The assets are still going to exist, but since they are exposed to the internet, they would no longer be considered intranet?

The other predictions are definitely plausible to happen in the future. It's a fairly quick and interesting read, so I'd recommend clicking the link above. He has other good posts too, so you may want to add him to your RSS feed if you haven't already.

No comments: