This is the idea behind Google’s BeyondCorp security model in which they recognized that their former perimeter didn’t address the new reality. So, make sure they have protection that travels with them. And who let the dogs out? Someone’s always letting the dogs out. So, it doesn’t make sense to say that the perimeter is dead, but the perimeter does need to change along with that organization. Wherever your data lives, you need a perimeter that’s appropriate to the situation, and to the risk that you need to mitigate. If your cows are happy where they are, you should keep your fence, but add controls for the eventuality that someone gets inside the fence (or you have a rogue cow). It wasn’t until they were confronted by an external threat (an attacker or an auditor, take your pick) that they realized they needed to step up their perimeter game. They thought their Internet Service Provider was taking care of it or they had something that could be used as a firewall, but didn’t realize it or the firewall was set up by an employee who has departed, and since it didn’t cause anything to break, they left it alone. Many of these companies with networked assets didn’t get an effective firewall until recently, if at all. But most existing enterprises didn’t start in the cloud, and they still have physical assets that are networked on their premises. Plenty of cloud-first organizations don’t have a classic network perimeter because they never had to build one, but if you asked them to identify what was “theirs,” they could still tell you their perimeter is enforced by a combination of logins, encrypted network connections, and whatever tenancy controls their providers have in place. But even if you have a BYOD policy (Bring Your Own Dogs), you want to make sure they’re well behaved dogs-and you still have to protect the cows. Once you start placing lots of gates in your fence and move half your livestock outside of it, you start to wonder why you still have a fence. The perimeter’s imminent demise has been forecast by any number of people and, to a certain extent, they have a point. Before you can go beyond something, you have to get there first.
0 kommentar(er)
