In some ways, the Defense Department’s task of keeping the country secure starts with keeping its own information technology systems secure. The job is never easy, and it gets more complicated with the shift from a systems-based approach to a service-oriented architecture. So as DOD implemented its SOA-based Net-Centric Enterprise Services (NCES) platform during the past year, its managers had to find a new way to secure services.
“Initially, we thought that taking a centralized approach to enterprise security was best,” said Carlos Vera, deputy program manager at NCES, which is under the purview of the Defense Information Systems Agency. “What we have learned is that is the wrong model. We can’t do everything at the enterprise level.”
