Since the internet became widely used, enterprises have been using perimeter-based tools to protect their systems against viruses and malicious activity. In an age when data and processing have moved closer to the edge, perimeter security is no longer enough. Enterprises must prioritize a data-centric security approach that fills in the gaps and vulnerabilities left by perimeter strategies.
There are several factors causing the perimeter approach to lack effectiveness in protecting systems and data:
Cloud migration: This is the overarching shift that is causing the network perimeter to evaporate. Data and systems are no longer housed neatly on enterprise property, but are instead cloud-based, with data moving between branch locations, data centers, and applications in the cloud.
Mobile Technology: Cloud solutions are making it easy for employees to access systems from anywhere, anytime, so this extends the network perimeter to wherever the employees are accessing them.
IoT: This technology overlaps with the above two subjects, but the Internet of Things (IoT) places sensors on all types of equipment, from a heart monitor in a hospital to a gauge on a massive tank of vegetable oil in a food processing plant. These sensors are improving productivity and gathering critical information, but they also serve to muddy the perimeter of the network.
These are just a few of the key factors creating new requirements for data security. If much of the innovation is taking data outside the traditional network, it’s necessary for enterprise IT to determine new ways of handling it.
Many threats to data security are beyond what the perimeter or any physical security can handle, including application vulnerability, malware, weak credentials, and even enterprise insiders. More threats are emerging based on the high number of devices connected directly to the internet and the shift of data storage and processing away from a central data center and systems.
IT security is under pressure to have a deep understanding of how data is organized and stored, what it is used for and by whom, as well as the risks and impact if the data is compromised. A number of measures can be put in place to protect data and systems in a perimeter-less environment:
- Organization-wide data-centric security strategies that include detailed responsibility and accountability of security management, employee education plans, data policies and procedures, and compliance and monitoring.
- Comprehensive security measures that include network security tools, privileges and access control, device security, transmission security, and storage and backup.
- Operational strategies, including vulnerability assessment, monitoring, data recovery, and schedules for updates and patches.
- Physical measures that include site-based access controls and monitoring.
A lapse in any of these areas may prove costly for the enterprise not only in terms of potential downtime, but also due to the loss of reputation or compliance regulation penalties.
Creating a data-centric security policy starts with a careful assessment of your security vulnerabilities. Contact us at eXemplify to learn more about addressing the challenges of a disappearing network perimeter.