Why is it that advances in data center technology have so far failed to produce decent digital security for enterprises? Even with the newest firewalls, encryption schemes and more, breaches are an almost daily occurrence.

The answer is actually quite simple, as we can read in this article in Processor Magazine. The whole model that has been in use for decades now relies on keeping bad elements away from its internal systems. Consequently, it assumes that anyone within its perimeters is there for a good, honest reason and leaves him or her alone.

The old model, as Processor describes it, can be compared to the old keep-and-moat model of the dark ages. Networks are trusted zones, keeping strangers out as vehemently as possible. The bridge is only lowered to those who can state that they have business within the walls (and only during daytime).

The problem, of course, is that modern networks no longer have distinct perimeters, and the city-states that networks once were are being absorbed into large digital kolkhozes. Whether the network wants to or not, business now requires a certain amount of openness. As the article states:

"Gillis, writing in his new book “Securing the Borderless Network,” identifies two other trends disrupting the enterprise security model: an online culture among younger employees that mixes their business and personal lives, and a business environment that requires network access not only for employees but also contractors, vendors, and service providers. “All these new trends are leading to more people accessing more data residing at more places on the Internet from more types of devices than ever before.”"

However, instead of changing the model altogether, it is suggested that we should just shift it towards individual devices. The good old NAC approach: authenticate on every possible occasion.

That is like carving castles up into mottes-and-baileys. To be honest, that does not strike me as a solution at all. The statement that "network security is irrelevant" is true; the practical problem is that it will require much from devices and their users.

But so far, I have not yet come across a better suggestion.
