Page 13 - Cyber Warnings
P. 13
Adaptive Trust Is Needed to Secure the Mobile-First Wireless
Enterprise
By: Gamal Emara, Country Manager UAE at Aruba, a Hewlett Packard Enterprise company
The first priority of defense used to be to secure the perimeter. But changes are shifting the old
concept of a fixed boundary in mobile-first wireless enterprises at a particularly dangerous time.
A few years ago, organizations only needed to contend with lone hackers seeking no more than
bragging rights for breaching a system.
Now, the threat vectors range from global criminals seeking financial gain to nation-states trying
to steal trade secrets or blackmail their victims.
And the threats are escalating with attackers increasingly targeting the proliferating number of
IoT devices that are coming online.
Market researcher Gartner expects that some 6.4 billion “things” will be connected to the IoT
this year, up 30% from 2015 . That rapid increase also has implications for enterprise security.
Consider, for example, the much-publicized breach of a national retailer a few years back. The
attackers gained entry through the systems of an HVAC contractor, which they compromised
after an employee of the contractor opened a phishing email.
Welcome to the enterprise world’s new security nightmare reality: your perimeter now extends
to everyone (and everything) who works for your company’s third party contractors. If that
doesn’t wake you up like an ice cold shower, nothing will.
Back in the era of fixed perimeters, it was relatively easy to identify what to trust and what not to
trust. Anything inside the perimeter was OK; anything outside was treated with suspicion.
But when people and devices are mobile, they move fluidly and freely across the perimeter.
Instead of focusing on the perimeter, we have to focus on the user and the user’s apps and
devices -- in context.
Contextual understanding means assigning access policies according to the context in which
specific users, apps and devices access data resources.
You’ll also need to be prepared to address a myriad of new challenges. What kind of device is
being used?
What applications are on the device? Who is using the device? What time of day is it? From
where is the access taking place?
13 Cyber Warnings E-Magazine December 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
