Four years ago, the META Group's IT security practice had three people in it. Today, it has fifteen, the result, says META security expert Chris Byrnes, of "huge" interest in security that just keeps growing.

In the ebizQ webinar Beyond the Basics -- WebSphere MQ Security, part of the Best Practices for IBM WebSphere Software series, sponsored by Candle Corporation, Candle Senior Solutions Architect Peter Rhys Jenkins said it only makes sense: "The (security) weak points are everywhere. Absolutely everywhere. Every time there's a computer involved. Every time there's traffic over an Ethernet segment. Every time there's traffic over a wireless segment."

Byrnes traced the history of security concerns from tightly-coupled client-server applications, in which any single failure "stopped everything," to messaging middleware systems, which he said became manageable with the MQ Series from IBM but were ideally suited to apps running inside the corporate perimeter, to the mid-90s, when perimeter-based security began eroding with the emergence of remote access for home and mobile workers, B2B connections, supply chain integration, etc. Life inside the perimeter, Byrnes said, stopped being safe, and the life of the message no longer ended at the corporate walls.

Enter encryption, which "helped manage overhead and stay ahead of hackers," but had its own problems: No one could manage keys in a complex environment. And so, "PKI (Public Key Infrastructure) was invented." And took off.

"PKI is the basis for all Web services security going forward," Byrnes pointed out. "When you hear about Service Oriented Architectures, no one says, 'Oh, by the way, PKI is integrated and necessary for security.' But it is. PKI is in fact becoming infrastructure. We are in fact solving the key management problem, so we can use encryption, so we can strongly authenticate messages, so we can assure their integrity -- all the traits we expect from a well-secured system.

"It's being integrated. It has to be. It's complex. You don't want to do it over and over again. Understanding the role of PKI technologies, and how you will use them (and you are going t use them), is crucial to all of the new-generation computing systems coming out. There's no way around it. It will be everywhere. And therefore, understanding PKI is going to be crucial to your success and that of your organization over the next few years." Stands to reason!