It’s hard to believe that September will soon be closing out, and we will be starting Q4, the last one of the year.  It is so hard to believe how quickly time has gone by, even with all of this COVID19 craziness.  As I have written about before, the Cybersecurity Landscape is now forever changed.  This has been primarily brought on by the Remote Workforce. 

This is something that will not change in the near future; in fact, many employees are embracing the ability to work in a different location, and businesses are now realizing the sheer cost savings that they are gaining from getting rid of their brick and mortar leases.

One thing that has also changed is the way Corporate America now looks at how it is protecting its IT and Network Infrastructures (at least that is the hope).  Before COVID19 hit, the traditional model for beefing up the lines of defense has been what is known as “Perimeter Security”.  Although this has been a widely used term, the technical definition of it is as follows:

“It refers to natural barriers or artificially built fortifications that have the goal of keeping intruders out of the area the boundary surrounds.”

(SOURCE:  https://www.cias.it/en/news-en/what-is-perimeter-security/)

In other words, it is the boundary that circles the business in order to protect it from threats and intruders from the outside, or external environment.  A very simple example of this is the fence.  You can deploy this to protect the outside boundaries of your house.

But given the technological advancements of today, and the ever-increasing sophistication level of the Cyberattacker, the concept of “Perimeter Security” is quickly vanishing in its entirety.

Here are some of the key reasons why:

*Insider Attacks:

When most people think of a Cyberattack, they typically think of it coming in from the outside environment.  This perception has been primarily brought on by the media, because the only stories that are really reported are those like the ones just described.  Rarely do you ever read about an Insider Attack taking place.  Why is this so?  It is because they are very difficult to track down in the early stages, and once one has been detected, it is very often too late to do anything about it.  For example, it could be a disgruntled employee, or even a third-party contractor.  But with everybody now working virtually, it is that much more difficult to tell who is for real and who is not, despite all of the authentication mechanisms you may have put in place.

*The lack of Endpoint Security:

Typically, most people are worried about protecting the confidential information and data while it is in transit between the device of the end user and the corporate server.  But keep in mind that these connections have endpoints as well.  Very often, these have been neglected, because nobody really ever thought that they could become a point of entry for the Cyberattacker.  Well guess what . . . they now have, and these endpoints have to be protected.  You cannot just cherry pick which ones need to get fortified, all of the endpoints need to!!!

*Third Party Access:

With Corporate America tightening its purse strings ever since COVID19 hit, many businesses have started to outsource some (if not all) of their mission critical applications to third party vendors, because the cost is so much lower.  On the outside you may trust them, but just how deep does this particular level of trust go?  After all, more than likely you will be sharing confidential information and data with them, and there are all sorts of risks that can arise here.  For example, it could be maliciously used to launch Extortion or Identity Theft Attacks, or there could even be data leakage, whether it is intentional or not.  Keep in mind that if anything like this ever happens to your business, you will ultimately be held responsible, not your third-party vendor!!!  And with the likes of the CCPA and the GDPR now being enforced, the financial penalties can be quite high.

*The adoption of the Cloud:

The Cloud has been around with us for quite some time, but it is not until now that Corporate America is starting to realize the full benefits, especially when it comes to deploying an entire IT/Network Infrastructure into either AWS or Microsoft Azure.  These include affordability and scalability.  But the reason these benefits exist in the first place is that everything is in a shared environment.  Now while you might have your own Virtual Machines (VMs) and Virtual Desktops (VDs) that you have created and deployed, you are still considered to be what is known as a “tenant”.  This is exactly the same thing as renting.  While you may have your own space, you are still in a shared access building.  Because of this, anybody could come in and gain entrance, and even enter your own apartment.  The same is true of a Cloud based Infrastructure.  Anything that happens to one platform could leak into your own.

*The rise of the Mobile Apps:

With everybody now WFH, everything is pretty much now done on the Smartphone, making use of the Mobile App.  Many companies have wrestled with the problem of “Shadow IT”. This is where an employee uses non-authorized software applications in order to do their daily job tasks.  But with the Remote Workforce, this problem has escalated over 100%, because it is now that much more difficult for the IT Security team to tell whether or not employees are using legitimate apps, let alone even company issued devices.

My Thoughts On This

It is important to keep in mind that the concept of Perimeter Security simply means that only the circle around the business is protected, really nothing on the inside is fortified.  Thus, many businesses are now breaking away from this kind of mindset, and breaking up their internal assets into smaller components, and protecting each one of those. 

A good example of this is your Network Infrastructure.  You could break it down into smaller segments which are known as “Subnets”.  At each of these levels, you could implement authentication mechanisms so that if a breach were to occur in one Subnet it would not cascade down to the others and cause a massive meltdown.

In this regard, the methodology of the “Zero Trust Framework” is also starting to receive some serious attention.  In this instance, nobody is trusted to gain access to shared resources, not even those employees that have been with you the longest.  Everybody has to go through at least three or more layers of authentication in order to confirm that they really are who they claim to be.
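
The segmentation and Zero Trust ideas in the two paragraphs above can be modelled in a few lines. The following is an added example, not part of the original post: the segment names, address ranges and allowed flows are constructed assumptions. It compares how far a breach can spread in a flat, perimeter-only network versus a segmented one with default deny, and applies the "at least three layers" rule to every access decision.

```python
import ipaddress
from collections import deque

# Constructed sample segments; names and address ranges are assumptions.
SEGMENTS = {
    "workstations": ipaddress.ip_network("10.10.1.0/24"),
    "app": ipaddress.ip_network("10.10.2.0/24"),
    "database": ipaddress.ip_network("10.10.3.0/24"),
    "finance": ipaddress.ip_network("10.10.4.0/24"),
}
# Segmented design: default deny, only these (source, destination) pairs talk.
SEGMENTED = {("workstations", "app"), ("app", "database")}
# Perimeter-only design: once inside, every segment can reach every other.
FLAT = {(a, b) for a in SEGMENTS for b in SEGMENTS if a != b}
MIN_AUTH_LAYERS = 3  # the post's "at least three" layers of authentication


def segment_of(ip):
    """Return the name of the segment containing ip, or None if unknown."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, net in SEGMENTS.items() if addr in net), None)


def is_allowed(src_ip, dst_ip, verified_layers, flows=SEGMENTED):
    """Zero Trust style decision: no flow is allowed on location alone."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return False  # unknown address: deny
    if verified_layers < MIN_AUTH_LAYERS:
        return False  # too few authentication layers verified: deny
    return src == dst or (src, dst) in flows


def blast_radius(start, flows):
    """Segments an intruder in `start` could reach by chaining allowed flows."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for src, dst in flows:
            if src == cur and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


if __name__ == "__main__":
    for name, flows in (("flat", FLAT), ("segmented", SEGMENTED)):
        for start in ("workstations", "finance"):
            print(name, start, sorted(blast_radius(start, flows)))
    print(is_allowed("10.10.1.5", "10.10.2.9", 3))  # allowed flow, 3 layers
    print(is_allowed("10.10.1.5", "10.10.2.9", 2))  # same flow, 2 layers
```

Note that in the segmented design the database is still reachable from the workstations by chaining through the app segment, which is why each hop needs its own authentication check rather than relying on the segment boundary alone.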

Yes, it is an extreme to all degrees, but you know what, given the dynamics of today, this is about the only thing that is left in order to help fully ensure that both your digital and physical assets are safe from a massive security breach that would cost you both customers and reputational damage.