|
secure collaboration
Perimeter Buster by Bill Boni
Safely leapfrogging the perimeter firewall can enhance innovation and provide the right balance of access and security.
Bill Boni
- TITLE Corporate vice president, information technology and security
- COMPANY Motorola
- INDUSTRY Manufacturing
- KUDOS
- Board member: International Society for Policing Cyberspace; Information Systems Audit and Control Association (ISACA); Certified Information Security Manager's (CISM) certification (ISACA).
- Author of I-Way Robbery: Crime on the Internet, High Tech Investigator's Handbook: Working in the Global Environment and Netspionage: The Global Threat to Information.
- Past chairman of the American Society of Industrial Security (ASIS) Council on Safeguarding Proprietary Information.
- Past chairman of the Information Technology Governance Institute (ITGI).
[IMAGE]
Security practitioners frequently face the challenge of how to help their organizations deal with threats to information assets. Too often, they must focus on the negative part of the job: stopping bad actors, preventing attacks, patching systems and detecting insider threat...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
s. These activities are absolutely necessary, but, after a while, these tasks can become, at best, tiresome, and at worst, an excuse for dismissing opportunities to remain relevant and solve other problems.
In 2007, the Motorola information security team started a project to find better ways to protect key information assets while also enabling employees to be more innovative. First, we changed the way we looked at firewalls. The perimeter firewall has been a primary tool for protecting networks, enabling appropriate connections to the outside and controlling unauthorized traffic in and out of the enterprise. While providing protection, this also creates barriers to the kind of ad hoc, unstructured and unpredictable needs for communication that are imperative in the age of mobility.
So we implemented a novel security concept called enablement zones (E-zones), a logical collection of users, software applications and systems that have similar need for connectivity and protection. They embrace the need for increased protection without suppressing innovation and mobility. E-zones facilitate sharing of information with mobile employees, business partners and customers, while improving the protection of critical data. For the more than 65,000 individuals in 50 countries, E-zones eliminate the traditional corporate firewall perimeter and historical friction that security compliance generated. A business unit, department or functional unit can support any number of E-zones, and there can be any number of systems per zone. E-zones can be short-term or permanent.
|
 |
|
