Understanding the Dissolving Network Perimeter

In a world of disappearing enterprise borders, IT leaders must shift the security focus to people and data.

istock 591406464

You’ve probably heard a lot over the last few years about the “dissolving network perimeter.” But what does that really mean for your organization, and for the security of your all-important data?

Historically, the network perimeter referred to the physical barriers (such as locked doors) and software barriers (such as firewalls) that protected on-premises data centers and corporate information systems against outside attack. This made sense in an era before ubiquitous Wi Fi and 4G data networks made it possible to access corporate data which shifted to cloud-based SaaS applications remotely using laptops, tablets, and smart phones. 

Enabled by the Internet and mobile technologies, today’s organizations need to enable the remote and mobile workforce which is complemented by the extensive use of outside contractors and “gig” employees. This means storing large volumes of data in the cloud, and sharing everything from sales data to production processes with many people including third-parties “Information ranging from customer lists to product plans and your core intellectual property is everywhere,” says Nicolas Fischbach, global chief technology officer (CTO) of Forcepoint. “It can be created inside the enterprise, be stored on external public clouds, and be accessed and edited on the road.”  

This distributed nature of such data makes it harder (and often useless as it might deliver a false sense of security) to enforce rigid access rules around the physical or virtual walls of your organization. The free movement of data is essential so employees can be productive and customers can transact business whenever they need with as little friction as possible. But setting enterprise data free in the digital universe means organizations must detect whether, for example, an employee is downloading commercially sensitive from the public cloud to a USB drive on their home computer, or sharing a revenue forecast from an email on their smartphone with a stock analyst. And let’s not forget increasing regulatory and consumer demands for both security and privacy.

Focus on Data, People, and Usage Patterns  

The basics of good security are still essential for preventing the misuse of data. These include educating users about the dangers of phishing, properly configuring firewalls, and doing regular security patches. Such steps, known as basic security hygiene, help block the most common vulnerabilities that, by some estimates, cause more than eight out of ten successful exploits.     

But organizations should also devote more attention to the intersection of data and people – understanding the “normal” patterns of how users interact with data, even as it moves among platforms outside the organization’s control. The point is not to look over the user’s shoulder or interfere with their productivity, but to understand their common data usage patterns and determine if any deviation indicates a possible compromise. These could range from an innocent error that turns a phishing email into a ransomware debacle or information leak, or sporadic, anomalous activities that (understood in context) signal the start of a malicious insider threat.

Data loss prevention (DLP) tools can help by monitoring and taking action based on users’ interaction with data. Ideally, such solutions use behavioral analytics and machine learning to cluster incidents in order of business risk, then drive workflows to speed review and remediation. User and Entity Behavior Analytics (UEBA) tools ingest and process many data sources, helping to identify and prioritize high-risk activity within organizations, and detect potentially malicious and compromised user accounts across environments.

The Bottom Line

With a disappearing border between the “inside” and “outside” of the enterprise, “it’s hard to track where data goes,” says Fischbach.It’s on a journey of its own. Once it’s created, you can’t control it unless you take the right steps.”

Today’s security imperative: Develop and/or implement the tools, controls, and capabilities for tracking not only data, but variations in how people use it across myriad internal and external devices, applications, and networks.

Forcepoint’s human-centric cybersecurity system protects your most valuable assets at the human point: The intersection of users and data over networks of different trust levels. Visit www.forcepoint.com