Welcome!

Related Topics: SYS-CON MEDIA

SYS-CON MEDIA: Blog Feed Post

The Endpoint Imperative: The Perimeter is Dead; Long Live the Perimeter!

Cloud, mobility and the Internet of Things have obliterated the traditional perimeter that protected organizations. The result: Higher productivity, but bigger challenges for security, data protection, and mobile device management.

This episode of the “The Endpoint Imperative” podcast series from Intel, Kevin L. Jackson and Intel’s Yasser Rasheed explore the new normal for security, with a focus on the end users.

Kevin: The topic for this episode is,"The Perimeter is Dead, Long Live the Perimeter". With me is Yasser Rasheed Director of Business Client Security with Intel. Yasser welcome back.

Yasser: Hi Kevin, happy to be back.

Kevin: This time, however, I'd like to really talk to you about this security perimeter thing. Cloud mobility and the internet things have really obliterated what I've always referred to as the wall and moat security paradigm, where working inside the enterprise was safe but working outside of the company's walls wasn't. What's pending impact of this evolution?

Yasser: You know Kevin nowadays with the cloud and mobility trends, we as end users we take our devices and work anywhere and everywhere at anytime. We take our laptops and work from home or from a coffee shop or on the go during the trip. The new shift here is really making us re-think how we protect the information that we have access to. The concept or the traditional concept of protecting at the perimeter with the traditional firewalls and gateways is really non-existent anymore. When I'm using my laptop at a coffee shop, I am no longer going through a firewall to access a cloud service. It's imperative for the industry to re-think the concept of listening at the perimeter level from a security perspective.

Kevin: Did the IT team miss the boat with getting a grip on the management of security within this new business ecosystem of today?

Yasser: From my perspective, it's not about missing the boat as much as the industry is moving and evolving very fast and IT organizations, more specifically information security organizations, need to cope with this evolution, and in certain cases may need to be ahead of it. At the same time, by the same token, that evolution is giving an advantage to the hacker community, to the bad guys really, to take advantage of the shift and attack the endpoints. Attack the end users, grab the data, steal the data or lock it in and ask for ransom.

Kevin: These new approaches to information technology have really changed the traditional workplace. Yasser how are IT leaders balancing the benefits of cloud and mobility, things like productivity and accessibility, with the obvious security challenges?


Yasser: Great question Kevin. We know that end users especially the new generations of end users focus tremendously on the ease of use and the productivity, and don't want to be burdened with additional security processes that they don't really comprehend. It's imperative for the IT leaders and information security leaders to balance end-user productivity, the simplicity of integration for IT and the productivity end-user experience for end users. The only way for the industry to evolve and achieve the right level of protection is with the right balance. This is not an easy job to do, however, it's the only way for the industry to keep moving in this direction.

Kevin:
Do you have any advice on how to make security everybody's job in this new normal?

Yasser: Great question. The first thing I advise everyone is for the leaders in the IT and information security industry to educate their teams and their end users. Education is king. We need to first educate them and get them to the level of comfort with the simple attacks like phishing and how scams happen. More importantly, IT organizations and information security organizations need to focus on four priorities. The top one is identity protection. That is really protecting against identity breaches which today constitute 80% or more of the total number of breaches. The second priority is to protect the data. Data protection is really an imperative because the data is the asset that the attackers are going after. The third priority is about detecting and preventing threats, especially the new and advanced threats that we see nowadays where signature-based detection of viruses is no longer sufficient, it's necessary but insufficient. The fourth and last priority is the ability to recover quickly from an event of a breach. The breach is a matter of when it happens, not if it happens, and organizations need to be ready recover quickly to a good level of productivity. These are the four priorities that I recommend the industry to focus on, and more importantly, apply the new techniques based on hardware-based security as opposed to traditional software-based security that is no longer sufficient in this space.

Kevin: With that sound advice we've come to the end of our time for this episode. We really want to thank Yasser Rasheed with Intel for his insights and expertise.

Yasser: Thank you, Kevin, it was a pleasure to be here.

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)





Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2017)



Read the original blog entry...

More Stories By Kevin Jackson

Kevin Jackson, founder of the GovCloud Network, is an independent technology and business consultant specializing in mission critical solutions. He has served in various senior management positions including VP & GM Cloud Services NJVC, Worldwide Sales Executive for IBM and VP Program Management Office at JP Morgan Chase. His formal education includes MSEE (Computer Engineering), MA National Security & Strategic Studies and a BS Aerospace Engineering. Jackson graduated from the United States Naval Academy in 1979 and retired from the US Navy earning specialties in Space Systems Engineering, Airborne Logistics and Airborne Command and Control. He also served with the National Reconnaissance Office, Operational Support Office, providing tactical support to Navy and Marine Corps forces worldwide. Kevin is the founder and author of “Cloud Musings”, a widely followed blog that focuses on the use of cloud computing by the Federal government. He is also the editor and founder of “Government Cloud Computing” electronic magazine, published at Ulitzer.com. To set up an appointment CLICK HERE

Latest Stories
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors!
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
JETRO showcased Japan Digital Transformation Pavilion at SYS-CON's 21st International Cloud Expo® at the Santa Clara Convention Center in Santa Clara, CA. The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
"We view the cloud not as a specific technology but as a way of doing business and that way of doing business is transforming the way software, infrastructure and services are being delivered to business," explained Matthew Rosen, CEO and Director at Fusion, in this SYS-CON.tv interview at 18th Cloud Expo (http://www.CloudComputingExpo.com), held June 7-9 at the Javits Center in New York City, NY.
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | CloudEXPO New York event will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018.