Endpoint security today is responding to the needs of the enterprise in ways it has not in the past, says Technology Editor Peter Stephenson.
Call it pervasive, ubiquitous or whatever, the fact is that today's threats are everywhere and of just about every type one can imagine. Add a semi-permeable perimeter, throw in a dash of hacktivism and you have a pretty nasty brew. Never before has the concept of defense-in-depth been more important as a guiding principle and been so difficult to achieve the blanket protection that the enterprise – especially the large enterprise – needs.
I have said many times in these pages that data is the key issue. If we didn't need to protect the data we wouldn't need network security. If we could just encrypt everything everywhere, we'd be good to go and life would be easy. That would be way too simple. As should be fairly clear, the focus is on the perimeter – or what's left of it – and the data. But there is one more piece that deserves our attention: the endpoint.
In our Group Test, we are examining endpoint security and there are a few surprises in store. Endpoint security today is responding to the needs of the enterprise in ways it has not in the past. That's very good news because we are inviting outsiders into our networks under what we expect to be tightly controlled conditions more and more.
Our First Look this month (click here) addresses the issue of authenticating to the cloud. This is an interesting product that solves a real problem in a creative way. We were impressed by this developer's approach to dealing with software-as-a-service (SaaS) applications in the cloud that did not have a prebuilt/defined interface to its system.
There is a movement today that says, essentially, “Throw out defense-in-depth. It's an outdated concept.” There is some merit in the argument since we must assume that our enterprise has been breached whether we know about it or not. Given that, the naysayers argue, defense-in-depth is a waste of time. My position is exactly the opposite.
Yes, the 100 percent breach probability is likely a safer assumption than figuring that we can keep the bad guys out. Today, we are more concerned about keeping them from doing us harm once they are inside. So why would we not need defense-in-depth to do that? After all, it's all about the data and protecting it on multiple levels seems appropriate. Sounds a lot like defense-in-depth to me.