Report from RSA I spent just one day at the RSA Conference. In these times of generally dwindling conference attendance it was refreshign to see one that was packed to its limits. The exhibits in S.F.'s Moscone center were as crowded as an old Comdex, and manyu of the sessions held in the Metreon's movie theatres were overflowing as well.
Bill Gates was there and the big Microsoft/RSA announcement was SecureID for Windows. What? I could swear I used that authentication combination ten years ago. Turns out I was right. The only difference (as far as I can tell) this time is that the user experience is a bit simpler. You only have to enter the SecureID code and PIN in the Windows password field; there's no two-step authentication. Good, sure, but is this really worth all the hype? I think not.
The best session I attended was a very forward-looking presentation by Dan Geer entitled "The Disappearing Perimeter." Dan contends that "continued investments in information security technologies focused exclusively on perimeter protection are ineffective because they are obsolete." He suggests that the new security goal should be "to protect individual objects of value individually or, more precisely, to contract the protection perimeter to individual data objects."
That really doesn't do his presentation justice, and I hope to get Dan on a future edition of IT Conversations to explain it in detail.
Posted Wednesday, February 25, 2004 11:37:10 PM