Q&
MOREY J HABER, CHIEF TECHNOLOGY
OFFICER, BEYONDTRUST
We have all heard the expression
that the traditional firewalled
perimeter is dead. In truth,
the cloud, DevOps, mobile and IoT – next
generation technologies that have helped
enable the Digital Transformation – not
only killed the traditional perimeter but
actually expanded the bubble outside of our
own physical data centres and brick and
mortar buildings.
The perimeter and the assets we
consume are now outside of our physical and
electronic control. We do not own or manage
all the places they are present, and they may
not even be within our own state, country
or continent. With this in mind, assurances
and management for security are outside of
our control as well and subject only to best
practices and regional governance like GDPR.
Therefore, any risk from a vulnerability
and exploit, to an insecure account or
misconfiguration, can lead to an incident. If
these threats are ignored or not identified,
a breach or the loss of data and a persistent
threat actor’s presence is possible.
With the amount of news documenting
breaches only getting worse, awareness
needs to be raised to the highest level of
management regarding the consumption
of Digital Transformation technologies. The
location, security, sharing and proliferation
of data is continuing to expand in the new
bubble (perimeter) and a single pin prick
(vulnerability or poor authentication model)
can expose everything inside.
This is the real security impact of Digital
Transformation. Data can be in any place at
any time. It can be at rest, in use or in transit.
It may be copied unencrypted even when
the contents are sensitive. It can be shared,
staged, used for development and testing, or
even sold and shared for monetary gain.
It can be in the cloud, on a mobile
device, shared through a file hosting
service and have collaboration features for
updates, edits and publication. The Digital
Transformation is all of these and every
egress and transmission point is potentially
a security weakness.
Security teams must map all the locations
where Digital Transformation may have an
impact on sensitive data and resources.
Teams must secure each authorisation
and authentication point with the best
security practices possible. This also implies
that all resources should be under strict
vulnerability, patch, configuration and
privileged access management.
Security teams need to avoid any pin
prick as they consider embracing Digital
Transformation strategies. Even if they do
not pierce an artery, the amount of blood
loss (data) could be enough to get you in
the news or worse, non-compliant with
regulatory frameworks like GDPR.