Traditional endpoints shift
The migration towards the cloud will have an impact on endpoints. As BYOD policies become more and more prevalent, the use of cloud-based business applications on employee owned devices will become far more common. Corporations might provide a stipend for employees to purchase a device of their own choice or just simply require them to use their own. In either case, endpoint security management is changing, including:
- The use of mobile device management technology to allow for the tracking and possible wiping of BYOD devices
- The use of strong authentication regimens to ensure that only authorised devices can interact with corporate cloud applications and services
- The use of full device encryption to protect against data theft from the endpoint
BYOD adoption is an essential component of the move towards flexible working arrangements. A Citrix global market research report, "Workplace of the Future" predicted that by 2020, organisations in Singapore will have the fewest desks in the world, at just 6.09 per 10 knowledge workers.
Critically, the report points out that effective BYOD policy can only be supported with suitable technology and with adequate security controls. While the benefits of enterprise mobility are well documented, a lost or stolen device, or a consumer app that introduces malware, poses a serious risk for any organisation. The ability to enforce policies against mobile devices is, therefore, essential.
Ultimately, as businesses actively increase the number of mobile devices in the workplace, endpoint security controls must be embedded in the base operating system rather than implemented as stand-alone security controls.
Layered security creates gaps
Organisations of all sizes across the world collectively spend billions on security, yet major breaches still occur with alarming frequency. It's obvious the current approach to security is outdated. Defence in depth has created a culture of deploying isolated, point solutions that leave gaps in security defences - the typical CISO deploys several dozen on average throughout their IT ecosystem.
Gaps that exist with defence-in-depth security infrastructures allow attackers to avoid detection, thus maximising potential exposure and loss to the organisation. Not only is the approach outdated, but the technologies being deployed today also won't address the needs of the future. In the future world, these gaps get bigger before they get smaller. Organisations need a new approach to resolve these gaps today and in the future.
Threats are changing, networks are changing - it's time for security to change too. We must no longer look at IT security as a patchwork of "best-in-class" single-purpose products, but rather as an integrated, holistic set of functions, working together to continuously improve security defences. We need to focus on visibility and capability, not tools.
Sign up for Computerworld eNewsletters.