Story image

Why endpoint security is critical in a post-perimeter era

22 Nov 18
Sponsored

The refrain of the non-existent perimeter is one that security professionals are hearing more often - but what does it mean in today’s context?

Today, business apps and data have moved to the cloud and employees have gone mobile.

Threat actors are acutely aware of this trend and are already taking full advantage of it.  

The acceleration of BYOD (Bring Your Own Device) policies only compounds this risk, as social media and mobile messaging apps used for personal purposes can be compromised to phish employees and steal corporate data.

For most businesses, this means their data may be accessed from devices they don’t know or trust, over unsecured Wi-Fi networks they don’t control.

Traditional perimeter-based security strategies – once the backbone of enterprise security – simply no longer apply because it can no longer be monitored with the same tools.

However, that doesn’t mean critical information can’t be protected.

It just means a different approach is required –  a post-perimeter approach.

What to protect when there’s no perimeter

Gartner predicts that 80% of worker tasks will take place on a mobile device by 2020.

As a result, organisations must rethink their security policies to follow the endpoints wherever there are.

Post-perimeter security is a new approach to enterprise security centred on the protection of corporate data when accessed by devices outside the corporate perimeter.  

It is a security model for the modern, perimeterless, cloud-delivered, and privacy-focused world.

Post-perimeter security controls access to both the Internet and corporate data based on continuous assessment of risk.

It then modifies access to protect data and users if risk levels are exceeded.

Why we need a zero trust model

The zero trust model was created in 2010 by an analyst at Forrester Research.

The model is centred on the belief that organisations shouldn’t automatically trust anything, whether inside or outside its perimeter.

To establish trust and gain access, users must both prove their identity and validate that their device is free from cyber threats.

A device that has been compromised cannot be trusted and should not be granted access.

In order to monitor the health of a device based on an enterprise’s risk tolerance, the enterprise must have a solution that is able to see into the full spectrum of risk.

Lookout security telemetry from over 170 million devices and 70 million apps informs whether an employee should be allowed to authenticate to corporate resources using the enterprise’s identity solution.

To learn more, download this white paper.

Lookout also delivers phishing and content protection, that addresses phishing attacks beyond email which are more difficult to identify such as SMS, social media apps, messaging apps, and more.

Securing corporate data and protecting employees can no longer be accomplished by legacy security technologies – no matter how many bolt-ons or workarounds you add.

With security at the endpoint, ongoing monitoring for risks can be achieved in real time at the point of contact, wherever that exposure may be.

Contact Lookout for a free demo or to find out how Lookout can help you protect your organisation’s data.

Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.