Visitor Management Special November 2019

| | December 20198By Joseph DiBiase, Director Global Information Security, Interfaces with many of my CISO colleagues, our businesses have been moving (sometimes slowly and sometimes very quickly) to the cloud. We see constant introduction of new SaaS applications and utilization of PaaS and IaaS services from Amazon, Microsoft, and others. At first the security teams pushed back on the use of Cloud but the IT teams and the business saw financial and productivity benefits in using cloud services. Security departments had to figure out how to secure these services. While many security professionals didn't agree with the di-rection of the business, it was our job to secure it no matter which way it was moving. There was a feeling among secu-rity professionals that we were always playing catch up. We had a paradigm of security when all was inside our network that we are adjusting to include the cloud. Is it time to think differently?If you were starting your business today, what would your IT environment look like? Would you have your own IT systems? Would you be running internal email? Would you even have an internal network? I think for most busi-nesses the answers to the above would be no. All of your systems would be built and run in public cloud infrastruc-ture. Email, storage, collaboration, and instant message services would be provided by the likes of Microsoft and Google. Internal networks would just be local LANs with internet access. No network backbone is needed. And, would you provide the end users with laptops or just let them use their own?Protecting an environment like this would require mul-tiple layers of security. Let's start with the endpoint. Strong anti-malware protection, DLP protection, and vulnerabil-ity, configuration, and patch management are required to keep the endpoints secure. These endpoints are all direct-ly on the Internet with no network level protections and need to protect themselves. We have these users today with our sales people and when people work from home or the airport or the hotel. In this new environment, it is all of our users."Identity is the new perimeter." We have been hearing this for years now and in this environment it is paramount. With the Internet being your new corporate network ev-TIME TO THINK DIFFERENTLYA
< Page 7 | Page 9 >