Channel partners have a new, free tool at their disposal for testing IT
security products, courtesy of an assessment framework launched this week by
Jericho Forum.
Known for its revolutionary ideas—it was one of the first organizations to
announce the death of perimeter security years ago—Jericho Forum is an
international IT security thought-leadership association. Its latest
contribution to the security community is the Jericho Forum Self-Assessment
Scheme (SAS), a new assessment framework that can help channel partners and
their customers gain visibility into how well-designed their potential security
technology purchases truly are.
“This new Self-Assessment program extends to all security vendors and customer
organizations the benefits of clear measurement criteria with the goal of
establishing a more secure marketplace where products are inherently secure
right out of the box. This is an open invitation to the IT industry to improve
security design standards,” Paul Simmonds, a Jericho Forum board member, said
in a statement.
The SAS is based on the Jericho Forum Commandments: 11 principles of security
design that the group developed back in 2006. SAS will help channel partners
ask the right questions about products they’re considering for customers in
order to see how well they track with the forum’s Commandments.
“I’ve previously referenced the Jericho Commandments as a framework for
envisioning how information security defenses must shift in the modern era,”
Dan Blum, principal analyst for Burton Group/Gartner, said in a statement.
“Cloud computing is the latest manifestation of IT externalization and
de-perimeterization trends that motivate the Jericho Commandments. The Jericho
Self-Assessment Scheme being announced will help vendors and customers give
themselves an architecture checkup, and it is therefore a useful way to measure
cloud-readiness.”