If you use a cloud service or let your employees access company systems from their own smartphones, you’ve probably already noticed how your IT security perimeters has expanded.
What used to be a tightly defined domain behind a firewall has morphed into something that now extends to the far confines of cyberspace.
As a matter of principle, any business data that travels outside the company perimeter is automatically at greater risk, even if enterprises make great efforts to keep the risk delta as small as possible.
However, the macro style solution of a bigger firewall no longer works when you have to deal with the Internet at large. Micro-oriented approaches offer another approach.
In essence, the idea is to equip each piece of data, each application, each system and each user with the security required to function autonomously and securely, whether inside or outside the traditional IT security perimeters.
Instead of an external blanket approach to try to shield everything from harm, security is built in from the inside towards the outside.
- End-user education. Raising the awareness of each individual about the importance of handling information securely is already a big step to improving security inside and out.
- Role-based access to data and apps. Providing IT resources on an as-needed or a need-to-know basis helps reduce abuse, temptation or simply human error.
- Microsegmentation and containers. New computing models, where applications run in their own small world and cannot affect (or infect) others, take the notion of the firewall down to a more effective micro level, where any holes are smaller and risk is more limited.
- Encryption in transit and at rest. By encrypting every piece of data, whether in flight or in storage, companies can substantially reduce the chances of data breaches.
- Security built in at code unit level. For those building their own applications, security tests and reinforcement can (and should) be applied at the lowest levels of code development and from the start.
“Divide and conquer” tactics like these will let you put a micro-oriented IT security strategy into effective practice, diminishing risk and business impact from one end of your expanded IT security perimeter to the other.