TABLE OF CONTENTS Justifiable concerns about security have been the primary reason that many have shied away from implementing corporate portals in the past. Though security threats, unfortunately, continue to increase rather than decrease, fears about security exposures cannot be used forever as the excuse for not offering a portal. This goes back to the discussion about upside rewards versus downside risks. Obviously, thousands of companies, many with sensitive assets, already have corporate portals, and quite a few have had portals for a good number of years.
The challenge, when it comes to security, is to identify and implement the security measures that address your unique requirements. The good news is that there is no shortage of security technology and proven solutions, whether it be for firewalls, user authentication, encryption, or single sign-on. The popularization of Web services is likely to further increase the options available for obtaining the security functionality you need, as vendors, including the likes of Microsoft with its Passport initiative, start to offer proven security solutions in the form of Web services.
When it comes to portal security, one size is unlikely to fit all. You will have to carefully determine what your exact security needs are and what steps you should take to implement security measures that meet, if not exceed, your requirements. However, keep in mind that there is a danger that you could become overzealous and possibly even paranoid. It may be prudent to hire some credible external consultants to recommend...
