An HR director, a salesperson visiting with your engineering team, and a network administrator walk into the office at 9 a.m. Each is carrying a coffee in one hand, a smartphone in their pocket and a laptop over the shoulder. Within minutes of entering the building, they all log in to the Wi-Fi network and blend into the mobile workforce.
These tech-savvy, Wi-Fi-loving users expect to connect and work from anywhere on any device, and they want connectivity without extraneous layers of security that slow them down. It's this workforce and its expectations that are turning security inside out.
What’s happening faster than anyone imagined is the dilution of the fixed perimeter that surrounds the enterprise. Before workforces went mobile, IT invested tons of time and resources into building a crack-free perimeter that prevented outside threats from coming into the enterprise. They locked down the network with gateway firewalls, intrusion prevention systems, anti-spam, URL filtering and other security solutions to close off possible entry points. But in our more mobile-centric world, the biggest threats now come from inside the network.
Infected laptops and smartphones walk right through the front door and connect directly to the network without IT's knowledge. When you count the attacks initiated from those unsecured user devices, the loss of sensitive data on mobile devices and risky end-user behavior, they add up to more than 90 percent of enterprise security breaches.
When Context Controls Connectivity
Between the mobile devices already on the network and the IoT devices that are coming, the inside of the network has become a soft underbelly. It demands a different type of security approach: one that starts on the inside, extends beyond the perimeter, and can adapt to the dynamic nature of users and of mobile-oriented threats, which can originate from anywhere.
The hallmarks of this security approach are shared contextual information and adaptive controls based on mobility needs. By recognizing that no two users are alike, an adaptive trust approach allows IT to define more personal policies that are mapped to individuals or to groups that share similar roles and business objectives.
User role, device type, ownership, status and location are among the contextual attributes that allow IT to create policies that allow or deny access on a case-by-case basis without leaving the enterprise completely exposed to new threats.
A Secure Network is a Healthy Network
Enterprises that have moved to an adaptive trust approach are responding confidently to the demands of BYOD, cloud, and IoT. Consulate Health Care is among the security thought leaders that have moved to an adaptive trust approach that protects against insider threats. The health care center had hundreds of company-issued mobile devices and thousands of guest devices that connected to the network daily, but security wasn't airtight.
Prior to establishing a valid connection, corporate-owned and personal devices must meet compliance policies. Devices failing to meet requirements are automatically quarantined and the users are asked to resolve the issues.
Once recognized as compliant, patients, residents and family members can complete the self-enrollment process for Internet access that won't affect the security of the internal network. However, when the center's health care employees connect to the network, they are granted access to internal resources. Based on user role and device ownership, IT can easily define which resources they should have access to, thus reducing the chance of compromising patient information. Consulate is now much more confident that its data and systems are safe from any insider threats.
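The access flow described above (compliance check, quarantine, Internet-only guest access, internal access narrowed by role and device ownership), sketched as an added example; it is not Consulate's or any vendor's actual policy. The role names, resource names, the corporate-only resource set and the rule that unenrolled guests are denied are assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical role-to-resource map (constructed for this example).
ROLE_RESOURCES = {
    "nurse": {"ehr", "scheduling"},
    "hr": {"hr-portal"},
    "netadmin": {"ehr", "scheduling", "hr-portal", "network-mgmt"},
}
# Assumption: these resources are reachable from corporate-owned devices only.
CORPORATE_ONLY = {"ehr", "network-mgmt"}

@dataclass(frozen=True)
class Context:
    role: str               # "guest" or a key of ROLE_RESOURCES
    ownership: str          # "corporate" or "personal"
    compliant: bool         # outcome of the device compliance check
    enrolled: bool = False  # guest has completed self-enrollment

@dataclass(frozen=True)
class Decision:
    action: str             # quarantine | deny | internet-only | internal
    resources: frozenset = frozenset()
    reason: str = ""

def decide(ctx: Context) -> Decision:
    # 1. Compliance comes first: a failing device is quarantined whatever the role.
    if not ctx.compliant:
        return Decision("quarantine", reason="device failed compliance policy")
    # 2. Guests never reach internal resources; Internet access needs enrollment.
    if ctx.role == "guest":
        if not ctx.enrolled:
            return Decision("deny", reason="self-enrollment not completed")
        return Decision("internet-only", reason="guest access, no internal resources")
    # 3. Default deny for any role the policy does not know.
    allowed = ROLE_RESOURCES.get(ctx.role)
    if allowed is None:
        return Decision("deny", reason="unknown role")
    # 4. Device ownership narrows what the role would otherwise grant.
    #    Anything other than "corporate" is treated as personal (fail safe).
    if ctx.ownership != "corporate":
        allowed = allowed - CORPORATE_ONLY
    return Decision("internal", frozenset(allowed), "role and ownership policy")
```

The order of the checks matters: evaluating compliance before role means a privileged user on an unhealthy device is quarantined rather than granted access.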
When enterprises take an adaptive trust approach, IT can make smarter decisions about how users and devices connect and how their access privileges are enforced. This is required for today’s mobile workforce – which will continue to push the boundaries of network security for years to come. In this fast-paced, upwardly mobile world, the best defense is being able to adapt.