Picture a medieval town in Europe surrounded by high walls. There’s only one way in through a heavily guarded gate where you will be questioned until you can prove your intentions. Don’t mess up…you may be imprisoned or worse!
Today, everyone comes through the gate freely, and we protect each other with surveillance techniques, law enforcement and citizen observation. Those walls and gates may be nostalgic and romantic, but they are past their usefulness.
See the parallel? Your cybersecurity is on a similar path, though the transition is taking place much faster. Soon, if not already, you won’t have a perimeter. The drive for digital transformation and innovation is creating new challenges for securing your IT assets, especially coping with the vanishing network perimeter.
This article explains the disappearing network perimeter and provides actionable options for your business to deal with this change.
The traditional perimeter security model isn’t suited to today’s business needs and technologies. There are three disruptive trends rendering perimeter security less effective.
The first disruptive trend contributing to the dissolving network perimeter was ‘bring your own device’ (BYOD). Blame Intel, who in 2009 decided to embrace employees connecting to the corporate network using their own smartphones, tablets, and laptops by implementing a BYOD-friendly security policy. As more companies adopt BYOD, the number of endpoints has grown significantly, and potentially unmanaged devices make perimeter controls far less relevant.
Another huge shift is the large-scale adoption of cloud computing. A recent report found that 82 percent of organizations have a hybrid cloud strategy using an average of 2.6 public cloud platforms. All the latest innovation is happening in the cloud. The software is better, cheaper and best supported when it’s in the cloud. It’s becoming harder and less desirable to force employees through perimeter controls only to go right back out to a critical cloud application. This trend is happening whether security people want it to or not.
The global Covid-19 pandemic accelerated the rapid adoption of remote work arrangements. Companies scrambled to facilitate remote work, which meant connecting to the corporate network from whatever device is convenient, including home computers, spouses’ or kids’ computers, and smartphones. Getting that back under control has been challenging for many businesses, mostly because employees like this. With employees working from home, you once again have a situation where devices access corporate resources from outside the boundaries of a well-defined perimeter.
Couple these three factors together and you can see why your perimeter is disappearing.
Security professionals have responded to the disappearing perimeter and its dynamics using a number of strategies, including:
● Virtual Private Networks (VPN): by putting everyone through a VPN before they can get to the internal network, you can attempt to extend trust to remote users and re-establish a perimeter between Internet-connected devices and your private network. However, VPNs increasingly create the bizarre situation of users going into the network only to go right back out to the Internet.
● Multi-factor authentication (MFA): requiring users to present two distinct categories of evidence before authenticating them to IT resources helps boost security in the current landscape. From this perspective, MFA is an excellent technology. However, MFA is not always practical, and it can frustrate end-users. And, as the case of Twitter’s Jack Dorsey demonstrated, MFA is fairly easy to hack and only addresses one layer of security.
● Single sign-on (SSO): this is a convenient option for users that provides access to multiple resources with just a single password. While it forces some semblance of control, threat actors have found vulnerabilities in SSO services.
Companies today have reframed the idea of the network perimeter as the endpoint devices from which users access data, applications, and other corporate resources. After all, each endpoint is a potential gateway from which the entire corporate network can be directly compromised. If the endpoint is the new perimeter, the natural question that arises is how can you best defend it?
There are a lot of approaches to defending the endpoint. Leave it to the security industry to create a soup of three-letter acronyms (TLAs :)) to solve this. The most complete approach for endpoint protection is Extended Detection and Response (XDR). XDR provides a single platform for gathering and correlating data, detecting advanced threats, and responding to threats across email, endpoints, servers, network traffic, and cloud workloads.
Keep in mind, though, that any endpoint solution, including XDR, creates a lot more alerts. Although XDR uses Artificial Intelligence to handle certain responses quickly, you will have more alerts to address. Alert fatigue is a problem for most businesses, resulting in delayed response times and compromise despite having the technology.
If you want the defensive capabilities of XDR on your endpoints without the hassle and cost of building your own Security Operations Center (SOC) to manage everything, Security Pursuit offers Managed Detection and Response (MDR) services through its Cyber Alliance Program:
● We use leading XDR solutions to protect all your endpoint devices: servers, laptops, IoT devices, cloud systems, etc.
● We take alerts from your existing security tools and correlate them to give us a complete perspective on your real-time security posture.
● We do this 24/7 with oversight of our expert (and happy) staff.
● We provide active threat hunting using tools and expert staff.
● We review and update your Incident Response Plans on a regular basis.
● We provide Incident Response support, should you need it.
● We provide regular meetings to discuss emerging threats and changes to your environment so we can tune our MDR service to your evolving situation.
Security Pursuit prides itself on building deep relationships with our clients. If you would like more information on Security Pursuit’s MDR solution, email us at