Wave Goodbye to the Perimeter
Organizations move to the cloud because of the advantages in mobility, cost, flexibility, scalability and so on – but it has profound security implications. Traditional security is based on an inside and an outside, and that you can safeguard the inside with a secure perimeter – characterized by the firewall. The cloud does not have an inside and an outside, and so ‘perimeter-thinking’ is not appropriate.
Awareness of the limitations of the perimeter has grown slowly, but the development of cloud services – and the uptake of those services, often outside corporate control (“Shadow IT”) – is happening at terrific speed. Microsoft (like other vendors) has released a range security technologies and capabilities recently, and continues to do so – baking these features into their products (“the biggest security company you have never heard of”).
The Cloud Challenge
There is usually a need for some on-premises remediation, but the biggest change is all about cloud. A reliable underlying identity management infrastructure is more important than ever, and solid governance processes must also be in place to assess risk and compliance. However, corporate data in the cloud or cloud-hybrid world can only be protected by the intelligent application of several complementary capabilities, including the above, but also such features as:
- Identity protection (e.g. assessing risky users and logons, and remediating by forcing further authentication, password reset, or blocking entirely)
- Conditional access (e.g. step-up authentication for sensitive apps)
- Cloud application security (who is using what, and what to do about it)
- Information protection (or data loss prevention – encrypting documents to protect them in motion as well as at rest)
- And may more
Want help from NetPillar’s friendly experts, get in touch today