Essential Guide

Protect information like a pro: A guide for enterprise CIOs

A comprehensive collection of articles, videos and more, hand-picked by our editors

deperimeterization

In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.

In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.

Network administrators commonly use a castle analogy to explain their security strategy. Network devices are placed behind a firewall and security efforts are focused on keeping intruders out. Thus, company data is protected on the perimeter. With the advent of Web services, ubiquitous connectivity and a mobile work force, however, some administrators are beginning to question whether the traditional border model of IT security is practical.

The term deperimeterization was coined by Paul Simmonds of the Jericho Forum, a non-profit group dedicated to "the development of open standards to enable secure, boundaryless information flows across organizations." Simmonds says that a hardened perimeter security strategy is impossible to sustain and is fundamentally at odds with an agile business model.

Simmonds points out that currently it can take from one to six months to set up a new sales office. A network administrator might have to design an extension to the corporate wide area network (WAN), negotiate a contract with a telecom and Internet service provider (ISP), install a local area network (LAN), set-up a virtual private network (VPN), and install telephones and desktop PCs to get the office up and running.

In the proposed deperimeterization model, the administrator would simply need to connect desktop PCs and VoIP telephones to the Internet, because all points of the company's network, from front-end gateways to back-end components, would be secure. For such a strategy to work, all data on the company's network would need to be encrypted and end-users, whether they were internal staff, customers, or business partners, would be given as-needed authorization to access specific pieces of encrypted data within the company's network.

This was first published in September 2009

Continue Reading About deperimeterization

Glossary

'deperimeterization' is part of the:

View All Definitions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Essential Guide

Protect information like a pro: A guide for enterprise CIOs

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close