With BeyondCorp, all users and devices reside on a quasi-public network, so no LANs, VPNs, etc., and all users and devices must be authenticated before being granted access to applications and IT services. So what the heck is BeyondCorp? Remember the Speakeasy movies where characters had to knock on the door and say, “Joe sent me,” before being granted admission? Well BeyondCorp is sort of an Internet equivalent of this process. Rather than rolling their own perimeter-free network security on a piecemeal basis, CISOs are looking for someone (anyone!) to step up with a reference architecture they can evaluate and emulate.Įnter Google with BeyondCorp which it describes as, “a new approach to enterprise security” that was highlighted in a recent WSJ blog. Now that these IT initiatives are well established, de-perimeterization requirements have become much more acute at many enterprise organizations. The Jericho Forum was way ahead of its time, preaching de-perimeterization before the deluge of cloud computing, IoT, and mobile devices over the past few years. De-perimeterization is protecting an organization's systems and data on multiple levels by using a mixture of encryption, secure computer protocols, secure computer systems and data-level authentication, rather than the reliance of an organization on its network boundary to the Internet. The removal of a boundary between an organization and the outside world. Wikipedia defines de-perimeterization as: At that time, Jericho Forum was particularly focused on a concept called de-perimeterization. About a decade ago, I was first introduced to the Jericho Forum, an international group of cybersecurity executives committed to defining new infosec tools and architectures.
0 kommentar(er)
