The Ashimmy Blog

Now that I have had a few days home from the RSA Conference to digest what I saw and heard, I am more convinced than ever that we are on the cusp of a sea change in IT. This profound rethinking of the way we use information technology is going to mean a huge change in the way the mid-market does business. It will also have a huge impact in designing a successful security strategy in mid-market organizations.

The change we are seeing in IT is the move away from on premises servers on the LAN storing databases and data that are accessed by applications running on desktop and laptop clients.  Instead we will access apps via app servers located in the cloud. The data will reside in the cloud as well.  Our clients will be a variety of mobile-enabled devices ranging from smartphones to tablets/pads and other lightweight devices. They won’t need giant hard drives, as the apps and data won’t live on them. 

This promises to turn the traditional IT equation on its head. You are probably already seeing this dynamic in action with Bring Your Own Device (BYOD) having an impact in your organization, as well as web apps being accessed from all over your network. We won’t have to invest in expensive hardware which needs to be upgraded every two to three years. Even desktop and laptop machines will not be as in demand. It may be that employees bring their own access device of choice into the workplace and you have to deal with it.

This is also a game changer for the information security of your mid-market organization as well. The standard layered security model has resulted in security being deployed in lines. At the perimeter we have built a castle and moat system.  We have invested millions of dollars in this perimeter defense where firewalls, IDS/IPS, gateway A/V and spam filters reside.  Perhaps the greatest culmination of that entire perimeter defense is the UTM (Unified Threat Manager). Moving inward from the perimeter we have invested in identity and network access & monitoring, server or host based defenses and finally endpoint security. 

All of this adds up to lots of security technologies operating often in their own silos. Finally, some of the larger enterprises have invested lots of dollars and time into SEIMs to pull all of this information together into one comprehensive view.

With the change coming to IT, our security model is going to change. Throwing all of the money and iron at the perimeter is going to be a waste. Building a castle locks us in, when our organizations want to get out. With everything we need “out there” we need a lighter, quicker but still secure perimeter. Next Gen Firewalls (NGFW) with their application and identity access control are a great option for these new perimeter defenses.

Identity and device access control is being built into the fabric of our network with smarter and more secure switches. Network monitoring solutions have also taken it up a notch, but overall can our networks just be flatter? If all of the “good stuff” is out there, what zones and areas do we need to establish in here?  Maybe just who can get out there and when?

For server security, that will be a joint venture between your organization and your cloud/hosting provider. The service provider will be expected to provide host based security on the server whether it is physical or virtual.

Finally we come to the endpoint. There are some who say that much of our endpoint security anti-malware products are actually pretty useless today. While I realize there are many attack vectors that go right through our endpoint security, I am not ready to write them off just yet. In fact I think we need endpoint security products that go on our Macs, on our smartphones, on our tablets and everything else we use

Would I like to see them be better and more effective? You bet I would. But just because they could be better, I don’t subscribe to the “they are useless” theory either.

This is of course just a general overview of what we might see. At each level if we drill in there will be more and more changes and adjustments.  At the end of the day we will need to rethink each of our security strategies and see if they are still effective in this new IT architecture.

So how about you? How do you think this change in IT is going to change your security strategy?