Security leaders believe that simplifying the management of security systems will help provide accurate and consistent protection in the post-pandemic world
The cybersecurity landscape saw an accelerated evolution over 2020. The pandemic forced work from remote locations and pushed organizations to move up their plans for cloud services, digital transformation, and several remote access technologies.
At the same time, the conventional operating models will not be completely eliminated or replaced in the majority of the enterprises. Most organizations today have a wide choice of perimeters. This covers the likes of secure access service edge (SASE) to endpoint security, from system-level role-focused access control VPN, which creates huge operational complexity. It is added upon by technical personnel who are probably already burdened, and a workforce that is operating under new strategies.
CISOs point out that despite the increased fragmentation of platforms, security models, and vendors, it remains crucial that applications and data continue to be protected in an appropriate manner. Complexity is the biggest rival of security; thus, it is vital that administering systems are simplified to prevent complexity.
Increased complexity leads to misconfigurations which results in exposures. Enterprises must ensure the transparency of controls as far as possible to the end-users. Security should be viewed as an enabler of access and not frustration that requires circumvention or avoidance.
Enterprises have a solution for this hurdle. As networks expanded, it became illogical and infeasible to handle routing on every individual device through static routing. That would become very inflexible and overly complex. End users needed to be able to easily access the resources and with zero or minimal interference.
Admins making constant updates was also not feasible. Routing protocols Like BGP and RIPv1 allowed for continuous packer handling around multiple vendors and devices with decreased manual intervention. They served a constant control plane across all routing platforms.
Security leaders say that in the current scenario, security infrastructure consists of disparate and potentially layered controls. Such controls are from multiple vendors, with multiple implementations in multiple places, and implement different protection variations.
CIOs believe that digital identity is the most trusted contextual data that identifies who has accessed a system and the mode of access; it provides a control plane. End users are already providing identity, often at multiple points. Systems have already consumed them like the software-as-a-service (SaaS) environments. They may be some of the few available configurable security controls; however, decoupling of security from IP addresses and location is present in various other solutions.
Such solutions can be customized to the needs of the organization and be risk-sensitive, with different phases and methods needed, depending on the accessed resources.
CISOs feel this better as it’s a control plan that can and must be implemented in a phased manner and sets out a path to zero-trust network architecture. They point out that process of building this solution is conceptually simple, and organizations can do extensive preparation.
However, it is vital to check that the technologies being invested in are identity-aware and capable of making differentiated security decisions on the data plane based on the relevant identity, before implementation. Additionally, it is crucial to consolidate identity to a singular source of trust. It entails that the source is single, consistent, and an accurate repository for identity.