Just came across an interesting article in Network World on the dirty secrets of security vendors. While I agree with some, disagree with a few, it was #2 that caught my eye.
The author, Joshua Corman, claims, "There is no perimeter". Paraphrasing him -
Vendors say that the network perimeter must be defended, but most data that is actually lost doesn’t go through the firewall. Half of all breaches are the result of either lost laptops or lost thumb drives or other removable media. Businesses need to tighten up their business processes at least as much as they need to tighten up network perimeters, he says. “If you still believe in perimeters, you may as well believe in Santa Claus,” he says.
Not sure I believe in Santa Claus, but that's not the reason I agree with Mr Corman. I do believe that a data-centric or information-centric approach to security is the right one. Protecting devices, ports, networks, perimeters might become a thing of the past. Security vendors will evolve towards offering protection at the data level..
When? Now that's a completely separate discussion, though some are further along in reaching this goal than others....
The author, Joshua Corman, claims, "There is no perimeter". Paraphrasing him -
Vendors say that the network perimeter must be defended, but most data that is actually lost doesn’t go through the firewall. Half of all breaches are the result of either lost laptops or lost thumb drives or other removable media. Businesses need to tighten up their business processes at least as much as they need to tighten up network perimeters, he says. “If you still believe in perimeters, you may as well believe in Santa Claus,” he says.
Not sure I believe in Santa Claus, but that's not the reason I agree with Mr Corman. I do believe that a data-centric or information-centric approach to security is the right one. Protecting devices, ports, networks, perimeters might become a thing of the past. Security vendors will evolve towards offering protection at the data level..
When? Now that's a completely separate discussion, though some are further along in reaching this goal than others....
