IT security is in a crisis state. Major security breaches are now everyday occurrences. Many of these breaches are occurring at companies that employ the most advanced security products available. What is the problem? We believe the problem is application architecture. We are designing applications that are inherently insecure. An insecure application cannot be made secure by throwing security infrastructure on top. We need to rethink our application architectures.
This paper presents a new approach to application architecture, called The Armored Snowman Architecture, that delivers highly secure IT systems. The paper contrasts this architecture with traditional architectures across all four of the major types of security breaches. Until we rethink how we are designing our most mission-critical systems, the security nightmare that we are now in the middle of will continue. This paper shows what must be done differently.
Early readers have been enthusiastic about this white paper. Here are some reader comments:
- "Very insightful, very sobering."
- "A thoroughly readable and very enjoyable paper."
- "A great paper."
- "The content is very good and I appreciate the information you have shared over the years."
- "I have really enjoyed reading this; it is very good."
- "I found it very interesting and found myself vowing to spend more time getting caught up on your SIP work. I have both the Software Fortresses book and the Simple Architectures book. I think you’re not just following the herd. That is very important and difficult, and it's one thing that distinguishes you and has done so for a long time."
- "I am intrigued with your architecture approach using the Snowman concept. The armed snowman is no exception."
- "This was a really interesting read and I am keen to see how organizations apply the snowman."
- "There is way too much FUD in the EA world and, as you allude to, security is lagging behind and needs drastic behavior and culture change at senior levels."
- "I appreciated the compare/contrast approach between traditional architectures and The Armored Snowman Architecture. I found this extremely helpful to visualize a traditional approach compared to the SIP approach."