Should the channel advise a zero trust approach to network security?
- 20 January, 2016 06:12
Disruption continues to occur inside corporate networks and if 2016 predictions are anything to go by, this isn’t likely to stop.
But does this mean trusted channel partners should advise local organisations to change their network security mindset?
“Managing information security for corporate networks has always been difficult,” says Clem Colman, Principal consultant, UXC Saltbush.
“However, the ability to meaningfully inspect traffic coming in and out of the network isn’t keeping up with the threats.
“Innovations including web, digital, and cloud have accelerated the problem, giving cyber criminals new opportunities to attack.
“The other problem is that users no longer want to live inside the corporate network (the fortress, if you will); they want to access enterprise information and systems from wherever they are using whatever device they have on hand.
“Also, the assets organisations are charged with protecting are also rapidly decamping beyond the castle gates into the cloud.
“The battleground has moved and the challenge now is making sure organisations have the right capabilities in the right places for the next round.”
Colman believes the challenge of delivering services securely “anywhere and anytime” means organisations need to decouple network security from network topology.
In other words, the ability to protect assets, information, and users can no longer be contingent on them living inside the fortress.
“The protection needs to go with them to wherever they want to be or where market forces increasingly dictate they need to be,” he explains.
For Colman, the first part of addressing such a change is to avoid thinking of networks as being divided into trusted, untrusted, and semi-trusted.
“While such terminology isn’t entirely without value, those labels can lead to dangerous assumptions,” he adds.
“For example, when a system in the trusted part of the network is compromised it can potentially leverage this trust to attack its neighbours.
“What’s more, it can usually do so without fear of being detected by the corporate defences, because they’re mostly focused on the boundary between trusted and untrusted parts of the network.”
Looking ahead, Colman says pressure from cloud, mobile workforces, and the changing nature of corporate networks is going to disrupt much of the existing, fortress-based approach to information security.
“But the reality is, those defences have been crumbling for years,” he adds.