How to defend the borderless enterprise

aNewDomain.net – Protecting your data is becoming increasingly difficult because it can quickly spread to all edges of the globe. As soon as data is saved in the cloud and stored on a mobile device, the nature of protecting that data changes. The problem is that IT departments are still protecting it with the old paradigm of what used to be the enterprise.

road block

Image Credits: Wikimedia Commons

The new enterprise – a borderless enterprise – requires a different security framework.

The BYOD movement – and stop thinking the “D” is only for device; it’s for services like Evernote and Google Docs as well – has given rise to the borderless enterprise. Securing it is IT’s next big security challenge.

In fact, it may not just be a characteristic of expanding enterprises. Small ad hoc businesses that grew overnight never had a “bordered” enterprise to defend. But they still must find a way to keep their data in the right hands.

But how?

According to RSA, the idea of identity and access management (IAM) is outdated. IT needs to modernize its thinking to meet the security challenges of the borderless enterprise.

“The key is to maintain protection over identity, access and data and to dynamically adjust the level of security to changing risk levels as users travel to remote locations, enter through untrusted networks or access cloud and web-based applications,” said Sam Curry, V.P. of product strategy and data protection.

The current security model requires a single log-in. Authentication may require the strictest security standards money can buy, but once you’re inside it stops paying attention. It only re-emerges when you try to get to a restricted level and you need to authenticate again.

The new security framework continues to monitor your activity after you authenticate. It looks for any uncharacteristic activity, like a PowerPoint presentation getting attached to an email, or a lot of copying and pasting, basically whatever the administrator chooses to watch.

This stops both the internal blunder of losing control of data, intentional or otherwise, and the hacker who has compromised the system by masquerading as a valid user.

“The simple combination of the user name and password is not sufficient to prove digital identities anymore,” said Michael Suby, Stratecast Vice President, Research, Frost & Sullivan.

Over time you build a characteristic behavior and you’ll draw attention to yourself if you deviate from it. The system is watching your meta-activity.

Sound familiar?

With SSL VPN, data is centralized and remote devices are checked for viruses, patching and compliance before users connect to the network. It also prevents unwanted devices from attaching at the perimeter.

RSA handles it differently. It uses rich user profiles to compare real-time user activities and behavior against a historical baseline looking for deviations from “normal.” All the while, it applies big data analytics to the massive data sets to assess risks and distinguish good behavior from bad.

The difference is that the user is always watched and flagged when he or she appears to be doing something out of a typical range of behavior.  In other words, once you’re in the network, the internal surveillance begins.

Dino Londis
Based in New York, Dino Londis is an IT veteran, an alum of The National Lampoon and a senior technologist at aNewDomain.net. Contact him at [email protected]
Dino Londis
Dino Londis
Tags: Cloud Computing,Gadgets & Devices,Technology