BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Listen to expert Johna Till Johnson's top five tips for enabling perimeterless protection, starting with understanding what it actually means that the idea of network perimeter security is becoming obsolete.
Johnson, CEO and founder of Nemertes Research, shares her action items for information security professionals who need to keep their organizations secure even as their networks' perimeters dissolve.
As boundaries between inside and outside the enterprise continue to blur, enterprises must increasingly accommodate different models for accessing computing assets: BYOD, contractors, business partners, wireless and off-site employees are all stretching the perimeter to the point where many enterprises need to consider whether their network perimeter security strategy should become a perimeterless security strategy.
Questions to ask include what share of enterprise workloads are running in the cloud, how many users are working remotely, and how frequently are employees, contractors and business partners bringing their own devices inside what was formerly a locked-down perimeter. The answers to these questions will determine how much -- or whether -- the enterprise network perimeter security strategy must change.
At a minimum, information security professionals need to evaluate where their organizations fall on the perimeter/perimeterless spectrum. How much of the enterprise IT infrastructure has been extended to the cloud? How much of that infrastructure comprises devices that belong to employees, contractors and business partners? How many end-users work off-site? These questions all help define a network perimeter security strategy.
In this podcast, Johnson explains first why the perimeter is going away and how that affects network perimeter security. She then offers a five-step action plan that includes evaluating just how far beyond perimeters your organization has moved and setting priorities and goals for building a secure computing environment in which users can get their jobs done. She also points to the latest set of key technologies that security professionals must consider -- including data loss prevention, secure web gateways and user behavioral analytics -- as they move beyond the enterprise network perimeter.
Johnson's tips will be useful to professionals who need to get started, but who aren't sure exactly where to start.
View this presentation to learn more about strategies for protecting the network edge.
Learn more about how user behavioral analytics can detect possible malicious activity.
Find out more about deploying a secure Web gateway.