As I discuss IT security strategies and future architectures with clients, there are several inflection points that I don’t think many organizations are prepared for.
Are you ready for the point where:
- More non-employees access our systems and information than actual employees (To be clear – I’m not talking about consumer-facing websites, I’m talking about our internal systems and information opened up for collaboration and inter-enterprise processes).
- More than half of our employees spend the majority of their working hours connected to networks we don’t own and don’t control (airports, hotels, home, wireless, 3G and so on)
- Even on networks we do control, the majority of devices that connect won’t be devices we own or control (mobile devices primarily, but also including contractor machines, employee-owned laptops and so on)
- The majority of server workloads connecting to our network will be virtual machines, not physical machines.
Some of you are already experiencing these. All of these will challenge our traditional assumptions about information security. I’d be interested in your thoughts, including any you think I might have missed.
Category: Next-generation Security Infrastructure Tags: