Post-perimeter security: dawn of a borderless world
7 May 2019
What impact does going mobile have on enterprises today? Tom Davison, EMEA Director at Lookout, discusses the new post-perimeter security realities and architecture required by enterprises today.
The way we work has fundamentally changed. Today’s enterprises have gone mobile, as apps and data have moved to the cloud, employees can now access corporate networks from anywhere in the world. In fact, Gartner has predicted that by 2020, 80% of work tasks will take place on mobile devices.
Moreover, employees are using a mixture of managed and unmanaged devices to access corporate resources and typically no longer require a VPN to access work emails or sensitive documents on the go. A Lookout survey at RSA 2019 revealed 75% of respondents admitted to accessing corporate data from a personal mobile or public WiFi network.
This move to a bring-your-own device (BYOD) environment has made organisations around the world more productive, more efficient and more fluid. However, this also means many employees are now accessing work data on non-corporate devices and on networks that you don’t trust, and you don’t control.
Also of interest: Top five human errors that impact data security
Changes in the way people work has forced enterprises to quickly face a new reality or risk being exposed to malicious actors. There are three key new realities that organisations need to face in order to secure their networks:
- The perimeter has disappeared
- Legacy security technologies do not suffice
- Devices cannot be trusted
Bad actors are increasingly taking advantage of these realities in order to target organisations. For example, phishing attacks have evolved to take advantage of the disappearance of perimeter security and the reduced visibility corporations have into employee traffic to steal corporate credentials from unsecure employee devices. Therefore, organisations need to adopt a new security architecture: Post-Perimeter Security.
Also of interest: Five key considerations for CISOs that are easily overlooked
Moving to a post-perimeter architecture
Data is accessed everywhere, and as a result security needs to be everywhere. A Post-perimeter security architecture provides the solution to this problem. There are three areas that make up this architecture: Endpoint protection, access to cloud and identity.
Situating endpoints within traditional perimeter security or relying on VPNs to bring traffic into the perimeter is no longer a suitable strategy. Instead, security itself must move to the endpoint. Endpoint protection solutions provide continuous visibility of employees’ devices, which allows organisations to identify cyber threats in real time and identify whether an employee’s device is healthy enough to access the corporate network.
Accessing the Cloud:
To protect access to the corporate cloud, specific critical security functions must move to the endpoint. This includes the monitoring of malicious links and websites while preventing workers accessing malicious content.
Endpoint security and access to the cloud must integrate with access arbiters such as identity and access management solutions. Identity management is a crucial element for accessing corporate data. As a result, identity and access management vendors that leverage multi-factor authentication must integrate with endpoint solutions. Organisations can then continually carry out assessments of trust on users and their devices.
Also of interest: How to use deception to gain the advantage over cyber-attackers
Zero-Trust: The starting point of post-perimeter security
Automatically granting employees access to data once they are connected to the corporate network is no longer an effective strategy. Forrester Research analyst Jon Kindervag developed the idea of Zero Trust, the understanding that all devices connected to an enterprise network should be treated as untrustworthy.
The enterprise must begin with an assumption of zero-trust to identify any risks posed to the corporate infrastructure and determine whether a device is healthy enough to access corporate data.
As a result, access to corporate data must be based on a continuous assessment of trust and all traffic should be logged and inspected to determine whether a devices behaviour fits within expected parameters. However, organisations must remain secure whilst respecting the privacy of the workforce.
Also of interest: Is it time for the cyber security industry to grow up?
The post-perimeter alliance
A Post-perimeter approach requires organisations to implement an integrated security plan across cloud, endpoint and identity management. Various alliances are being formed to address the need for an integrated approach and provide organisations with the necessary tools to implement a post-perimeter architecture.
One such example is the Post-perimeter alliance, a cross-industry effort to provide security for the modern, perimeter-less and cloud-based world. This alliance offers organisations solutions that provide continuous assessment of cyber threats to corporate data, and the necessary tools to manage those risks. Integrated solutions are crucial in making Post-perimeter security a reality within organisations.
The capacity to access the corporate network anywhere is a great development and helps to enhance productivity within enterprises. However, this new reality does come with its challenges.
As we enter a borderless working world, corporate data is increasingly hosted on the cloud and accessed by employees through networks that are beyond the control of IT, which exposes corporations to an increased risk of cyber threats. Post-perimeter solutions provide the starting point for organisations to begin securing their networks and data.