August 2019

Cybersecurity in the Post Perimeter Future?

Post Perimeter Future? 

We know you’re thinking, what on earth is the “Post-Perimeter Future,” and what’s that got to do with my company’s data security? When we’re talking about a “Post Perimeter Future,” we’re suggesting that physical and organizational security practices simply are not as crucial in the new world. If we were truly honest with ourselves, our four walls and moats were never really a secure barrier in our datacenter.  The moats were our firewalls, where all traffic passed and were protected by big, expensive boxes from hardware vendors. But we’ve seen tons of environments that contained many hidden (and forgotten) VPNs and old school modems buried in the infrastructure that bypassed these supposed saviors. Today, “there is no moat.”

The idea that everything within your environment is a high trust zone, and everything outside is a low trust zone; well, it’s just not working. Post-perimeter translates to the new multi-cloud reality and a Cybersecurity approach that is focused entirely on the protection of corporate data. It is a security model for the modern, perimeter-less, cloud-delivered, and privacy-focused world. Any other model is dead.

We Need To Change It Now.

“Set it and forget it” never worked and never will. Change is necessary now, even if you think you have not been hacked. We are not talking about a breached perimeter any longer; we’re talking about the hack that can be flanked from every angle. 

Let us give you an analogy.  Humans used to live in small villages of people they knew and trusted; no one thought to lock their homes.  As the village got larger, more “unknowns” started to arrive with trade and a growing population. Then people began to fortify their homes and started locking their doors and hiring guards. Fast forward, today we let strangers into our house for a variety of reasons when we are not there using smart locks. Because of this, the perimeter has moved again.  Now, it’s common sense to have different WiFi networks in your home. You get the picture. As your business gets bigger, you have more “attack vectors.” You needed a comprehensive automated, decisive plan yesterday.

  

Business man in the middle of a puzzle.

So How Do You Complicate Things For A Hacker In A Cloud Security Environment? 

You may have heard of the “Zero Trust” philosophy used by technology vendors. Since you’ve moved your data into various cloud environments, a new approach is necessary. Now it gets fun. You need to follow these three cybersecurity methodologies: Secret Management, Service Segmentation or “micro-segmentation,” and Data Protection. So, let’s break it down. Secret Management has everything to do with access credentials such as usernames, passwords, and security questions. So here’s a tip from us, really try to make highly complex “passphrases” and use a  password management tool. Service Segmentation has everything to do with establishing a strict set of rules that govern who talks to who. It’s the rules the applications, users, and service providers use to communicate. Another tip from us, establish concise yet scalable rules. Data Protection has everything to do with encrypting all your data, both in-transit, and at-rest. The last tip from us, make sure your data encryption is done right and reviewed regularly. This way, you decrease your chances of exposing additional vulnerabilities. 

The Problem With Complicated Security Measures In The Post Perimeter World

We know, we’ve complicated it for the hacker, but now it’s complicated for you. That’s how you have to operate in the Post-Perimeter Future. Nothing is that easy anymore, and we get that. There are challenges to every cybersecurity solution, and here’s what you need to know about it.

The problem with Secret Management is that it’s laborious to make sure every employee is on the same page as you. Passwords and usernames can easily be mismanaged, and weak credentials make it easier for you to get hacked. Service Management gets tricky when you’re trying to figure out the rules that govern your network. How do you make sure your SaaS and cloud service providers like Microsoft Azure, Amazon Web Services, and Google Cloud Platform are both connected and segmented appropriately. Last but not least, how do you even begin to encrypt your data. We at Framework Security can help you with that; we can make sure your business is protected. Period.

Relaxing boat dock with clouds
Read More