This article initially published in Forbes
Big data, cloud services and mobile technology are having a revolutionary impact on business. Not only are these innovations fueling the modern enterprise, they are also sending security risks sky high. Traditional network perimeters are dissolving as businesses reshape their organizations around these burgeoning technologies.
I actually have a lot of empathy for CISOs. They have one of the hardest jobs in the world these days, especially as the traditional perimeter-based approach to network security rapidly loses its relevance. Enterprise security has changed because the enterprise has changed, drastically so.
Employees aren’t operating in an exclusively Windows environment. They’re not shutting down their desktops and rushing home to watch “The Big Bang Theory.” They’re working all the time, from anywhere. They’re using their own devices. They’re downloading apps the IT department may never have heard of. They’re accessing the cloud constantly, from environments that may not be—probably aren’t—secure.
There’s no way to build a firewall around the modern enterprise. And there’s no way to just port over legacy technology. You can’t take security software designed for the PC world and expect it to protect the enterprise. The PC was never designed to do all things that mobile devices do today. Network security solutions were never designed to handle employees using data and apps in the cloud at virtually anytime, from virtually anywhere.
Simply put, this new era of computing requires a new approach to security. Enterprises facing the challenge of security in today’s work environment need to start with a clean slate. They need to consider solutions that take a fresh approach to data protection, an approach that’s as innovative and as intelligent as the technologies and enterprises they aim to protect. Here are three effective methods for conquering today’s security challenges.
Take a data-driven approach to security
The old days of using PCs and signatures to provide security just does not scale. The attacks are coming too fast and furious. Today’s modern enterprise needs to bring big data to bear on the challenge of mobile security. Specifically, it needs to use big data as a way to parse out an attack and decide what’s real and what’s not.
In fact, data is one of the most effective means of predicting the nature of coming attacks and foreseeing key issues that threaten the organization. One startup that effectively addresses this problem is Lookout. The company has a massive base of users—more than 50 million people—who are using the technology to protect their own mobile devices.
Each one of these devices is also a sensor, gathering data on attacks and feeding that information into a central database. With this immense repository of data, Lookout can analyze and quickly understand attacks in real time and propagate fixes for all of its users. It’s a very effective approach for consumers and for enterprises as well. They can leverage big data on threats to protect themselves and their mobile workers. This should be one of the core tenets of enterprise security going forward.
Shed some light on the cloud
If you’re in enterprise IT, like it or not, your organization’s employees are using Salesforce, they’re using Workday, they’re using a hundred other apps in the cloud. They’re also using a lot of applications you don’t know about, so-called shadow IT. What the enterprise needs is a way to intelligently and automatically know who is getting access to their cloud applications.
Netskope is a startup that enables enterprises to track the cloud apps that workers are using, create access policies around those apps and provide the governance and the compliance necessary for them. So, instead of taking a sledgehammer to their employees’ favorite apps, the IT department can now say “yes” to nearly all apps that people want to use.
Others, like Dropbox or Slack, provide end-user functionality that makes adoption easier than ever. These applications are designed to streamline enterprise tasks (storage and collaboration respectively), while providing total ease-of-mind for IT teams.
Embrace identity as the new perimeter
Identity is a very important aspect of security. There are three primary threat vectors that an enterprise must protect: users, data and applications. Identity is a way to tie the three together and tighten security for the organization. When you know the identity of the user, you know which application and what data assets the user is accessing, which means identity plays a vital role in security.
Centrify is a company that’s taking a fresh approach to identity in a mobile environment. It understands that in world where users switch from device to device the real imperative is not securing a device at a given point of time but continuously securing users and their identity—wherever they happen to be.
In fact, enterprise security is becoming less device-centric and more user-centric. That’s a positive development, because users are now accessing apps and data from anywhere on any number of different devices, from their laptop in the office, from their tablet at home, maybe even from their friend’s smartphone. This is not a bad thing. Enterprises need workers to be mobile to be productive. But they also need a coherent mechanism for identifying users and quickly deciding whether a particular user should be allowed access to this data or that app.
The enterprise trends of today—mobility, cloud services and big data—are redefining the perimeter and requiring that the enterprise think about new ways to secure that perimeter. Sure, there were a lot of great security companies built to protect the old perimeter. But the next great security companies are those that were built to protect mobile and cloud environments from the ground up.