The agenda of the November session listed two distinct topics. The first one, brought by ING, forced us to take a distance from our day-to-day, technical focus and reflect on the purpose, mission, values and impact of our practices. The relative gap in maturity, initially perceived by some members, clearly is no longer an impediment to actively participating to open discussions among trusted members, boosting the sharing and value creation!
Concrete proposed actions resulting from this activity are the co-creation and application of an ESA maturity model and the edition of an article on what enterprise security architecture is about and how the Coalition can help member and non-member organizations in achieving professional standards.
The second topic, jointly brought by BNP Paribas Fortis and Proximus, took a closer look into the API management domain, one of the pillars of enterprise digital transformation. Several architecture views, access control mechanisms and secure reference designs were elaborated. Three concrete patterns were analysed for trade-offs between their protection level and the implied management effort.