Monday, January 26, 2009

N-Tier Security Silos

With the N-tier architecture the person managing the tiers tend to be separate and have separate skills sets. It often leads to knowledge silos and is especially visible when it comes to security. E.g it will be hard pressed to get a DBA who is good at securing Apache http Server. I wonder if there is a need for a security platform that helps to bridge this gap. An example could be that MidTier is more aware of security configured at the Data Tier and mid tier can take advantage of security at Data tier.
I wonder if this is an issue for you? How have you dealt with this?

No comments: