Tuesday, December 17, 2019

Word of the Day: deperimeterization

 
Word of the Day WhatIs.com
Daily updates on the latest technology terms | December 17, 2019
deperimeterization

In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.

In the past, network devices were placed behind a firewall, and security efforts were focused on protecting company data at the perimeter and keeping intruders out. With the advent of ubiquitous connectivity and a mobile workforce, however, administrators began to question whether the traditional border model of IT security was practical.

The concept of deperimeterization was recognized early on by Paul Simmonds of the Jericho Forum, a non-profit group dedicated to "the development of open standards to enable secure, boundaryless information flows across organizations." As early as 2004, Simmonds foresaw that a hardened perimeter security strategy would be impossible to sustain and was fundamentally at odds with an agile business model.

He pointed out that in the early days of the internet, it would take a network administrator from one to six months to set up a new branch office. Tasks involved designing an extension to the corporate wide area network (WAN), negotiating contracts with telecom and Internet service providers (ISPs), installing a local area network (LAN), setting up a virtual private network (VPN) and installing telephones and desktop PCs to get the office up and running.

In contrast, with a deperimeterization model, the administrator simply needs to connect desktop PCs and VoIP telephones to the Internet. This approach follows the principle of least privilege (PoLP). Clients are given authorization to access specific pieces of encrypted data within the company's network on an as-needed basis.

Today, the concept of deperimeterization is closely aligned with the zero trust model. First articulated in 2010 by John Kindervag, then a principal analyst at Forrester Research, the zero-trust security model is a philosophy for designing network security architecture in a way that withholds access until a user, device or even an individual packet has been thoroughly inspected and authenticated.

Quote of the Day

 
"The increasing numbers of users with legitimate reasons to access network resources, coupled with the increasing deprecation of the perimeter by the use of BYOD and cloud, means designating users as being internal or external is increasingly meaningless." - Peter Loshin

Learning Center

 

Achieve network perimeter security through deep segmentation
Firewall effectiveness is in deep decline, but there's still a way to create an effective security perimeter through the practice of deep segmentation. Learn how.

Top 5 reasons for a zero-trust approach to network security
As network perimeters disintegrate and enterprises adopt cloud computing, discover the top reasons organizations are opting for a zero-trust approach to network security.

What is a software-defined perimeter, and do I need it?
An evolving network world requires evolving network security. Learn how software-defined perimeter offers a compelling answer to network vulnerabilities.

How does an identity and access management framework work?
A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?

What are some of the top identity and access management risks?
Identity and access management risks exist, but the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?

Quiz Yourself

 
What are network firewalls? Test your network security IQ
Firewalls date back to the beginning of the internet, which makes them an essential and longstanding part of network security. This quiz explores these changes and how each type of firewall differs.

Stay in Touch

 

For feedback about any of our definitions or to suggest a new definition, please contact us at: editor@whatIs.com

FOLLOW US

TwitterRSS
About This E-Newsletter
The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List
TechTarget

No comments: