Why We Need to Change the Perimeter
Several trends are driving the need for a change in how we define the perimeter. These trends range from technological developments to operational shifts. Let’s look at three that are especially influential.
The Cloud is Everywhere
Even in the largest enterprises, on-prem resources are losing their attractiveness. It’s simply cheaper, faster, and easier to use the cloud. This is especially true of software solutions. The average employee logs into eight different SaaS solutions regularly. And these SaaS solutions are often not well managed. 71% of companies have at least one SaaS subscription without a billing owner (meaning the employee who signed up has left the organization). IT departments struggle to know who is using what resources and, importantly, who should be using what resources.
With Remote Workforces, the Office is Anywhere
Remote workers rarely work from a single location. They’re typically migrating from home to coworking spaces, to coffee shops. Many of the places they favor have networks of questionable safety with untrusted devices connected to them. VPN tunnels partially help solve this problem, but they’re slow due to capacity issues and expensive due to hardware costs, additional networking, and configuration/management challenges.
Contractors: Temporary, with Quickly-Shifting Access Needs
Contractors present an especially confounding challenge to the perimeter defense model. From temp force nursing staff working for multiple hospitals to accountants pulled in for year-end to engineers doing highly privileged work, to integrate a new product — contractors are inherently difficult to manage from a security standpoint. Their access needs vary widely, and they are often temporary. Additionally, at some point, many are re-staffed in a different capacity or move to a different team within the organization.