Your organization’s sensitive information is everywhere. If you looked, you would find it on mobile devices, in the cloud and, of course, behind your firewall. So where is your secure perimeter?
Some applications are hosted on-premises, yet are accessible from outside the network using VPNs. Software-as-a-Service (SaaS) business apps are in the cloud, and your organization’s sensitive information now resides in multiple cloud data centers, accessible by employees both on and off the corporate network. Many organizations are migrating some or all of their servers, databases and storage into Infrastructure-as- a-Service (IaaS), while newer ventures that are “born in the cloud” host no in-house infrastructure.
In today’s mixed on-premises and cloud IT environment, securing the network perimeter is not enough and one must take a Zero Trust security approach. The Zero Trust security model moves access control mechanisms from the network perimeter to the actual users, devices and systems. This paper examines five common risks of this “perimeterless” world and proposes five opportunities to strengthen security using modern Identity and Access Management (IAM) solutions.