How De-perimeterization is Changing Network Security

Alastair Horner

In recent times, the combination of cloud and IoT, increased enterprise security threats, and escalating damages resulting from breaches has driven stronger levels of inspection and overall security. This has led to a new approach called de-perimeterization. The focus is on locking down all aspects of the network, both inside and outside of traditional firewalls.


Location No Longer Matters

With de-perimeterization, every user, device, service, or application is implicitly untrusted, irrespective of where they are on the network, and must go through an identity and access management process to gain a level of trust and associated access privileges. This means all network resources are accessed securely regardless of location or device, and a least-privilege network access strategy is adopted to strictly enforce access controls. Each session that a user creates with other users or applications must in turn be authenticated, authorised, and accounted for before the communication session is allowed to be established. This enforces security policies at the edge of networks and stops malicious traffic at its origin, not in the middle of the network or at the front door to an endpoint or application.

An organization can have great firewalls, endpoint protection software, and server and application security capabilities and still be at risk of breaches and loss of data. The days of perimeter-based security and providing limited segmentation within an enterprise are gone as more users are mobile, applications are moving to the public cloud, billions of IoT devices are being added, malware is residing everywhere, and hackers are becoming more sophisticated.

Strategy Beyond The Network

The network is the foundation for security, but the network itself is no longer enough to keep data safe. Your network security strategy needs to go beyond its traditional confines. Defaulting to denying all network access and then building whitelists that explicitly allow access will reduce the enterprise risk from DDoS attacks, malicious software infections, and data breaches. If a malicious user cannot get to the “front door” of an asset, then they do not have the ability to breach it.
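The following is an added example, not code from the original article: a minimal per-session policy check in Python that combines the two ideas above, authenticating, authorising and accounting for every session while defaulting to deny and allowing only explicitly whitelisted access. The token scheme, identities, resources and sample requests are all constructed for illustration; note that the source address is logged but never used to grant trust.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample data: a signing key for session tokens and an explicit
# allowlist of (identity, resource, action). Anything not listed is denied.
TOKEN_KEY = b"constructed-demo-key"
ALLOWLIST = {
    ("alice", "payroll-db", "read"),
    ("build-agent-7", "artifact-store", "write"),
}
AUDIT_LOG = []  # accounting: every decision is recorded, allowed or not

@dataclass(frozen=True)
class SessionRequest:
    identity: str
    token: str       # hex HMAC proving the identity (stand-in for real authn)
    source_ip: str   # recorded for accounting, never used to grant trust
    resource: str
    action: str

def issue_token(identity: str) -> str:
    """Hypothetical identity provider: sign the identity name."""
    return hmac.new(TOKEN_KEY, identity.encode(), hashlib.sha256).hexdigest()

def authenticate(req: SessionRequest) -> bool:
    return hmac.compare_digest(issue_token(req.identity).encode(), req.token.encode())

def authorize_session(req: SessionRequest) -> bool:
    """Default deny: allow only an authenticated identity on the allowlist."""
    if not authenticate(req):
        decision, reason = False, "authentication failed"
    elif (req.identity, req.resource, req.action) not in ALLOWLIST:
        decision, reason = False, "no explicit allow rule"
    else:
        decision, reason = True, "allowlisted"
    AUDIT_LOG.append((req.identity, req.source_ip, req.resource,
                      req.action, decision, reason))
    return decision

def demo() -> list:
    inside = SessionRequest("mallory", "bad-token", "10.0.0.5", "payroll-db", "read")
    remote = SessionRequest("alice", issue_token("alice"), "203.0.113.9", "payroll-db", "read")
    excess = SessionRequest("alice", issue_token("alice"), "10.0.0.8", "payroll-db", "write")
    return [authorize_session(r) for r in (inside, remote, excess)]

if __name__ == "__main__":
    print(demo())
```

The request from an internal address without a valid token is refused, the authenticated remote user with an explicit rule is allowed, and the same user is refused an action that no rule grants.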

The empowered enterprise technologies, including Social Computing, Web 2.0, mobile, video, and cloud, have radically changed the traditional concept of the perimeter to the extent that there isn’t one. An architecture based on a de-perimeterized approach provides a long-term road map to a flexible, scalable, and extensible network that builds in security by default. The constantly evolving malicious technologies that are now widely available mean that ensuring your infrastructure is protected is becoming more and more vital.
