Welcome!

Related Topics: SYS-CON MEDIA

SYS-CON MEDIA: Blog Feed Post

The Endpoint Imperative: The Perimeter is Dead; Long Live the Perimeter!

Cloud, mobility and the Internet of Things have obliterated the traditional perimeter that protected organizations. The result: Higher productivity, but bigger challenges for security, data protection, and mobile device management.

This episode of the “The Endpoint Imperative” podcast series from Intel, Kevin L. Jackson and Intel’s Yasser Rasheed explore the new normal for security, with a focus on the end users.

Kevin: The topic for this episode is,"The Perimeter is Dead, Long Live the Perimeter". With me is Yasser Rasheed Director of Business Client Security with Intel. Yasser welcome back.

Yasser: Hi Kevin, happy to be back.

Kevin: This time, however, I'd like to really talk to you about this security perimeter thing. Cloud mobility and the internet things have really obliterated what I've always referred to as the wall and moat security paradigm, where working inside the enterprise was safe but working outside of the company's walls wasn't. What's pending impact of this evolution?

Yasser: You know Kevin nowadays with the cloud and mobility trends, we as end users we take our devices and work anywhere and everywhere at anytime. We take our laptops and work from home or from a coffee shop or on the go during the trip. The new shift here is really making us re-think how we protect the information that we have access to. The concept or the traditional concept of protecting at the perimeter with the traditional firewalls and gateways is really non-existent anymore. When I'm using my laptop at a coffee shop, I am no longer going through a firewall to access a cloud service. It's imperative for the industry to re-think the concept of listening at the perimeter level from a security perspective.

Kevin: Did the IT team miss the boat with getting a grip on the management of security within this new business ecosystem of today?

Yasser: From my perspective, it's not about missing the boat as much as the industry is moving and evolving very fast and IT organizations, more specifically information security organizations, need to cope with this evolution, and in certain cases may need to be ahead of it. At the same time, by the same token, that evolution is giving an advantage to the hacker community, to the bad guys really, to take advantage of the shift and attack the endpoints. Attack the end users, grab the data, steal the data or lock it in and ask for ransom.

Kevin: These new approaches to information technology have really changed the traditional workplace. Yasser how are IT leaders balancing the benefits of cloud and mobility, things like productivity and accessibility, with the obvious security challenges?


Yasser: Great question Kevin. We know that end users especially the new generations of end users focus tremendously on the ease of use and the productivity, and don't want to be burdened with additional security processes that they don't really comprehend. It's imperative for the IT leaders and information security leaders to balance end-user productivity, the simplicity of integration for IT and the productivity end-user experience for end users. The only way for the industry to evolve and achieve the right level of protection is with the right balance. This is not an easy job to do, however, it's the only way for the industry to keep moving in this direction.

Kevin:
Do you have any advice on how to make security everybody's job in this new normal?

Yasser: Great question. The first thing I advise everyone is for the leaders in the IT and information security industry to educate their teams and their end users. Education is king. We need to first educate them and get them to the level of comfort with the simple attacks like phishing and how scams happen. More importantly, IT organizations and information security organizations need to focus on four priorities. The top one is identity protection. That is really protecting against identity breaches which today constitute 80% or more of the total number of breaches. The second priority is to protect the data. Data protection is really an imperative because the data is the asset that the attackers are going after. The third priority is about detecting and preventing threats, especially the new and advanced threats that we see nowadays where signature-based detection of viruses is no longer sufficient, it's necessary but insufficient. The fourth and last priority is the ability to recover quickly from an event of a breach. The breach is a matter of when it happens, not if it happens, and organizations need to be ready recover quickly to a good level of productivity. These are the four priorities that I recommend the industry to focus on, and more importantly, apply the new techniques based on hardware-based security as opposed to traditional software-based security that is no longer sufficient in this space.

Kevin: With that sound advice we've come to the end of our time for this episode. We really want to thank Yasser Rasheed with Intel for his insights and expertise.

Yasser: Thank you, Kevin, it was a pleasure to be here.

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)





Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2017)



Read the original blog entry...

More Stories By Kevin Jackson

Kevin Jackson, founder of the GovCloud Network, is an independent technology and business consultant specializing in mission critical solutions. He has served in various senior management positions including VP & GM Cloud Services NJVC, Worldwide Sales Executive for IBM and VP Program Management Office at JP Morgan Chase. His formal education includes MSEE (Computer Engineering), MA National Security & Strategic Studies and a BS Aerospace Engineering. Jackson graduated from the United States Naval Academy in 1979 and retired from the US Navy earning specialties in Space Systems Engineering, Airborne Logistics and Airborne Command and Control. He also served with the National Reconnaissance Office, Operational Support Office, providing tactical support to Navy and Marine Corps forces worldwide. Kevin is the founder and author of “Cloud Musings”, a widely followed blog that focuses on the use of cloud computing by the Federal government. He is also the editor and founder of “Government Cloud Computing” electronic magazine, published at Ulitzer.com. To set up an appointment CLICK HERE

Latest Stories
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Vulnerability management is vital for large companies that need to secure containers across thousands of hosts, but many struggle to understand how exposed they are when they discover a new high security vulnerability. In his session at 21st Cloud Expo, John Morello, CTO of Twistlock, addressed this pressing concern by introducing the concept of the “Vulnerability Risk Tree API,” which brings all the data together in a simple REST endpoint, allowing companies to easily grasp the severity of the ...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., introduced you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He explored applications in several industries and discussed technologies that allow the deployment of advanced visualization solutions to the cloud.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
"NetApp is known as a data management leader but we do a lot more than just data management on-prem with the data centers of our customers. We're also big in the hybrid cloud," explained Wes Talbert, Principal Architect at NetApp, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, provided a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to oper...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"Infoblox does DNS, DHCP and IP address management for not only enterprise networks but cloud networks as well. Customers are looking for a single platform that can extend not only in their private enterprise environment but private cloud, public cloud, tracking all the IP space and everything that is going on in that environment," explained Steve Salo, Principal Systems Engineer at Infoblox, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventio...