No more trusted endpoints


There are always plenty of things to keep the average security practitioner wringing their hands and losing sleep, but most of these factors are driven by external events. Bring-your-own-device (BYOD) and bring-your-own-network (BYON) are different, and pose something more terrifying to the information security practitioner: a radical shifting of the goal posts. The castle we are tasked to defend has up and moved itself somewhere new. After all the effort we've put into moving away from the “crunchy outer shell, squishy underbelly” model to one where security is a part of the information fabric itself, the very thing we're trying to protect changes once more, right as that transition finally starts happening.

Perhaps it's time to start making some tough decisions and run with them. The theater of risk has changed from network service-based attacks to attacks against the endpoint. And the needle has swung to the other extreme. We're obsessed with protecting the endpoint now. Yet as anyone who follows reports of major breaches in the last few years can see, somehow all it takes is for one endpoint to be compromised and the whole house of cards tumbles once again.

Let's start focusing on the actual information, not the systems. Assume your endpoints are compromised at all times – one desktop should not be able to assault the entire network from within, no single access credential should hold all the keys to the kingdom. You can't stop attackers, but you can definitely make it as difficult as possible for them. If BYOD is to become the new normal, we'll need to continue to build security into business processes and operational IT, and that means tradeoffs in convenience versus security. Corporate IT engineers are going to have to take lessons from internet engineers, constructing internal networks as if they were exposed to the general public. 
