Story image

Why endpoint security is critical in a post-perimeter era

22 Nov 2018
Sponsored

The refrain of the non-existent perimeter is one that security professionals are hearing more often - but what does it mean in today’s context?

Today, business apps and data have moved to the cloud and employees have gone mobile.

Threat actors are acutely aware of this trend and are already taking full advantage of it.  

The acceleration of BYOD (Bring Your Own Device) policies only compounds this risk, as social media and mobile messaging apps used for personal purposes can be compromised to phish employees and steal corporate data.

For most businesses, this means their data may be accessed from devices they don’t know or trust, over unsecured Wi-Fi networks they don’t control.

Traditional perimeter-based security strategies – once the backbone of enterprise security – simply no longer apply because it can no longer be monitored with the same tools.

However, that doesn’t mean critical information can’t be protected.

It just means a different approach is required –  a post-perimeter approach.

What to protect when there’s no perimeter

Gartner predicts that 80% of worker tasks will take place on a mobile device by 2020.

As a result, organisations must rethink their security policies to follow the endpoints wherever there are.

Post-perimeter security is a new approach to enterprise security centred on the protection of corporate data when accessed by devices outside the corporate perimeter.  

It is a security model for the modern, perimeterless, cloud-delivered, and privacy-focused world.

Post-perimeter security controls access to both the Internet and corporate data based on continuous assessment of risk.

It then modifies access to protect data and users if risk levels are exceeded.

Why we need a zero trust model

The zero trust model was created in 2010 by an analyst at Forrester Research.

The model is centred on the belief that organisations shouldn’t automatically trust anything, whether inside or outside its perimeter.

To establish trust and gain access, users must both prove their identity and validate that their device is free from cyber threats.

A device that has been compromised cannot be trusted and should not be granted access.

In order to monitor the health of a device based on an enterprise’s risk tolerance, the enterprise must have a solution that is able to see into the full spectrum of risk.

Lookout security telemetry from over 170 million devices and 70 million apps informs whether an employee should be allowed to authenticate to corporate resources using the enterprise’s identity solution.

To learn more, download this white paper.

Lookout also delivers phishing and content protection, that addresses phishing attacks beyond email which are more difficult to identify such as SMS, social media apps, messaging apps, and more.

Securing corporate data and protecting employees can no longer be accomplished by legacy security technologies – no matter how many bolt-ons or workarounds you add.

With security at the endpoint, ongoing monitoring for risks can be achieved in real time at the point of contact, wherever that exposure may be.

Contact Lookout for a free demo or to find out how Lookout can help you protect your organisation’s data.

Google doubles down on hybrid cloud strategy
CSP is a platform that aims to simplify building, running, and managing services both on-premise and in the cloud.
In ongoing cloud war, Google to acquire data migration specialist
Google is currently behind AWS and Microsoft in the cloud battle, and it would seem this play is an attempt to claw some ground back.
Interview: CyrusOne’s new Europe president on aggressive expansion
In this exclusive interview Tesh Durvasula shares how the company plans to have a Europe data centre portfolio providing nearly 250 MW by the year’s end.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Pure Storage expands enterprise data management solutions
It has integrated StorReduce technologies for a cloud-native back up platform, and expanded its data fabric solution for cloud-based applications.
HPE launches new real-time processing edge platform
The platform is said to help communication service providers (CSPs) to capitalize on data-intensive, low-latency services for media delivery, connected mobility, and smart cities.
‘Digital twins’ entering mainstream use sooner than expected
The term ‘digital twin’ may sound foreign to some, but Gartner says it is rapidly becoming established among modern organisations.
Infinera launches new ‘disruptive’ network architecture
The new end-to-end network architecture is said to enable instantly scalable, self-optimizing networks that adapt to the demands of specific users and applications.