The Open Group got together with the SABSA Institute to give a new security architecture flavor to TOGAF, The Open Group Architecture Framework. It takes the form of some new guidance for working the security angle into enterprise architecture planning. A key to the SABSA approach is willingness to accept some risk while working to ensure security. That’s informed by the notion that security strategies for businesses must admit that a business is here to do business.
“The most secure store never opens,” quips SABSA Academy leader John Sherwood.
The TOGAF-SABSA collection of best practices will find a ready audience as IT moves to endorse more and more Web APIs. And it is not always about security. When Sony’s game playing audience saw their sites down due to security issues they complained – not to get the sites secure, but to get the sites running. Can you say paradigm shift?
Gamesters are different than enterprise apps users. The enterprise app users sue. The balancing act is delicate. Read about the TOGAF/SABSA Guidance.