Tuesday, 27 January 2009

Where is the perimeter?

Life was much more simple a couple of years ago when you went to work in the morning, home in the evening and the word remote access was non-existent. I can still remember (yes...I am that old) when the company I worked for got access to Internet for the first time. We did not even think about the perimeter because we installed a Firewall at what we thought was the edge. But what is the situation today? We cannot see an organisation as an island anymore; everyone is a part of a gigantic ecosystem with a never-ending increasing demand for fast access. We work closer with our customers and partners, our staff is more mobile and there are more devices that is connected to Internet. The difference between "private" and "corporate" devices is also blurred. We answer private e-mails and surf on the Internet on our company PC; we want to read company emails on our private PC at home etc etc. Add the Smartphone into the equation and things starts to be really complicated.
So now back to the original question, where is the perimeter of the company? The answer is simple; the edge is at the user so the perimeter is at the mobile phone, the home user or the external consultant who access the network from anywhere there are. The funny thing is that most companies treat the Firewall as the edge, the same security model as we used when we installed Internet 20 years ago.
We need to implement a new architecture for security that takes into account that the world has changed despite what the big firewall vendors tells us.

No comments: