As business started to connect to the Internet, this connection point became the natural place to enforce security controls, mimicking existing physical security models. Businesses assumed that if someone was inside the building or inside a certain perimeter, that person inherently had a higher level of trust than those outside.
The same business needs that required connectivity forced erosion of this perimeter. Websites and email servers had to be reached from outside of the defenses. Additional perimeters were created to address this, starting with DMZ networks. Some users and data moved to the untrusted side of the walls, and attacks were originating from the inside (whether from phishing, compromised credentials, or insiders). More perimeters were created, including data center firewalls and internal segmentation or even microsegmentation deployments.
With the pandemic, the erosion of the perimeter turned into a collapse. Instead of some data and a few users being outside the perimeter, there was an almost overnight need to have all the employees outside. The new demands weren't easy: access to all the data, from all the places, all the time, on all the devices. Securely.
The New Perimeters
Identity as a PerimeterIdentity has been a key part of security forever. The importance of strong identity has increased exponentially with digital transformations — for a software-as-as-security (SaaS) application, it may be the only control in the hands of the data owners.
The scope of "identity" has grown from who you are to include physical location, the device being connected from and its state, the time of day, and other parameters. Multifactor authentication has become a minimum st ..
Support the originator by clicking the read the rest link below.
