Handling perimeter expansion and disintegration

One of the most common themes in IT security discussions over the last few years has been the de-perimeterisation of the corporate network. The term was originally coined by the Jericho Forum and refers to the blurring of the split between the internal trusted network and the wider world.

This is briefly described here:

http://en.wikipedia.org/wiki/De-perimeterisation

Traditionally there has been strict demarcation, maintained by devices such as firewalls, between the untrusted outside world, the semi-trusted DMZs (De-Militarised Zones), and the trusted internal network. As more and more business functions require interactions between internal users and external customers, suppliers, remote users, home workers and other third parties, these strict zones of demarcation have become considerably more porous.

This has led some people to propose removing the network boundary concept altogether and instead securing data and systems with encryption, host- and network-based IPS (Intrusion Prevention Systems), AV, etc., with the view that data and systems can be kept secure while facilitating easier and more efficient business with customers, partners and other third parties. Taken to its extreme, this is the paradigm of the ‘perimeterless’ network.

If you are faced with dealing with this ever more porous network perimeter while still maintaining the security of the systems you are responsible for, or you just want to read more about security and the issues raised by the muddying of internal and external network boundaries, Sophos have produced a simple and easy-to-read guide on their Naked Security blog titled:

Practical IT: handling perimeter expansion and disintegration

This can be found here:

http://nakedsecurity.sophos.com/2012/07/13/perimeter-security-expansion-disintegration/

Have a read, and let me know what you think. If there is any interest I’ll write a more in-depth post on the topic.

K


Author: Kevin Fielder

Innovative and dynamic security professional, with a passion for driving change by successfully engaging with all levels of the business. I am a determined individual with proven ability to provide security insights to the business, in their language. These insights have gained board buy in for delivering security strategy aligned to key business goals. This is achieved by understanding the need to drive change through people, process and technology, rather than focusing exclusively on any one area. I take pride in being a highly articulate, motivational and persuasive team-builder. I have a strategic outlook with the ability to engage with and communicate innovative and effective security solutions to all levels of management. Along with a proven ability to translate security into business language and articulate the business benefits I am also passionate about leading security innovations and making security a key part of the business proposition to its customers. Security should be made a key differentiator to drive sales and customer retention, not just a cost centre! Outside of work I am a proud husband and father to an awesome family, and a passionate CrossFit coach and athlete.
