
What is it about? (important)
This is gonna be one of the shortest and most important posts; it mostly contains links to other knowledge sources.
Several years ago Google published a paper titled “BeyondCorp: A New Approach to Enterprise Security”.
This paper emphasized what the InfoSec community has been saying for years: perimeter security is obsolete... it really is.
No endpoint should depend on an external entity for its protection, and the same goes for enterprise applications and services.
Each one of them should behave and be protected as if connected directly to the Internet, and their underlying security rules / design / policies / principles should reflect that.
You can find the paper here:
http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/43231.pdf
(read it !!!)
and some complementary videos:
https://www.usenix.org/conference/lisa13/enterprise-architecture-beyond-perimeter
https://www.usenix.org/conference/lisa13/managing-macs-google-scale
(watch them !!!)
Google, being a pioneer in security, made a huge step forward towards this concept and made their enterprise applications public. They might not be big on Privacy, but they lead in terms of Security, and we can all take a page from their book.
Don't be confused, they did everything correctly.
Their removal of the perimeter defenses was preceded by careful planning and by turning the infrastructure inside out, protecting the applications and users from external threats by limiting access to the applications and services only to authorized users and devices.
An interesting consequence is that there is no need for a VPN when accessing corporate resources. If the request to access a resource can be identified as belonging to an active employee and is performed from a secured, corporate device, the connection established will be encrypted by default and the need for VPNs disappears.
Obviously, that ain't gonna fly with the BYOD policy :)
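The access rule described above can be sketched as a default-deny decision in which network location is never an input. This is an added example, not code from this post or from Google's paper; the directory, device inventory, fingerprints and resource names are constructed assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample data (assumptions for illustration only).
USERS = {
    "alice": {"active": True, "groups": {"eng"}},
    "bob": {"active": False, "groups": {"eng"}},  # former employee
}
DEVICES = {  # hypothetical inventory keyed by device-certificate fingerprint
    "fp-laptop-01": {"corporate": True, "secured": True},
    "fp-laptop-02": {"corporate": True, "secured": False},  # e.g. failed posture check
}
RESOURCES = {"bugtracker": {"eng"}}  # resource -> groups authorized to use it


@dataclass(frozen=True)
class Request:
    user: str
    device_fp: str
    resource: str
    source_ip: str  # kept for logging only, never used to grant trust
    tls: bool


def decide(req: Request) -> tuple[bool, str]:
    """Default-deny decision; an 'internal' source address earns nothing."""
    if not req.tls:
        return False, "connection not encrypted"
    user = USERS.get(req.user)
    if user is None or not user["active"]:
        return False, "user is not an active employee"
    device = DEVICES.get(req.device_fp)
    if device is None or not device["corporate"]:
        return False, "device is not a known corporate device"
    if not device["secured"]:
        return False, "corporate device is not in a secured state"
    allowed_groups = RESOURCES.get(req.resource)
    if allowed_groups is None or not (user["groups"] & allowed_groups):
        return False, "user not authorized for this resource"
    return True, "allowed"


if __name__ == "__main__":
    # Same user, two locations: the public-Internet request from a managed
    # device is allowed, the office-LAN request from a personal device is not.
    print(decide(Request("alice", "fp-laptop-01", "bugtracker", "203.0.113.7", True)))
    print(decide(Request("alice", "fp-byod", "bugtracker", "10.0.0.5", True)))
```

The second request is the BYOD case: an unknown device is refused even from an internal address, which is why no VPN is needed for the first.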
All I would like to share with you on this topic is in the links above; just go through the content.