deperimeterization

In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.

Network administrators commonly use a castle analogy to explain their security strategy. Network devices are placed behind a firewall and security efforts are focused on keeping intruders out. Thus, company data is protected on the perimeter. With the advent of Web services, ubiquitous connectivity and a mobile work force, however, some administrators are beginning to question whether the traditional border model of IT security is practical.

The term deperimeterization was coined by Paul Simmonds of the Jericho Forum, a non-profit group dedicated to "the development of open standards to enable secure, boundaryless information flows across organizations." Simmonds says that a hardened perimeter security strategy is impossible to sustain and is fundamentally at odds with an agile business model.

Simmonds points out that currently it can take from one to six months to set up a new sales office. A network administrator might have to design an extension to the corporate wide area network (WAN), negotiate a contract with a telecom and Internet service provider (ISP), install a local area network (LAN), set-up a virtual private network (VPN), and install telephones and desktop PCs to get the office up and running.

In the proposed deperimeterization model, the administrator would simply need to connect desktop PCs and VoIP telephones to the Internet, because all points of the company's network, from front-end gateways to back-end components, would be secure. For such a strategy to work, all data on the company's network would need to be encrypted and end-users, whether they were internal staff, customers, or business partners, would be given as-needed authorization to access specific pieces of encrypted data within the company's network.

Contributor(s): Herzl (Tselly) Regev
This was last updated in September 2009
Posted by: Margaret Rouse
View the next item in this Essential Guide: near-continuous data protection (near CDP) or view the full guide: Protect information like a pro: A guide for enterprise CIOs

More News and Tutorials

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Research More Tech Terms

  • Search thousands of tech definitions
  • Browse tech definitions
    Browse Alphabetically:

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

Powered by WhatIs.com