| Executives October 30, 2018


October 30, 2018

Putting the trust in zero trust: Post-perimeter security for a new age of work

By Aaron Cockerill, Santosh Krishnan

Today, employees have gone mobile as apps and data have moved to the cloud where they can be accessed from anywhere in the world, often through unsecured connections (e.g. a Wi-Fi hotspot). Firewall-centric strategies – once the backbone of enterprise security– are no longer sufficient. With business data and apps everywhere, there's no way to enforce a perimeter around them. In fact, it’s not unusual for new businesses to be entirely cloud-based with no identifiable perimeter at all. That doesn't mean that critical information can’t be protected. It just means a new approach is required – a post-perimeter approach.

Your employees can now access your corporate data from any device, anywhere—making today’s enterprise more productive, more efficient, and more fluid than ever before.

This kind of access, however, means that traditional security technologies, the perimeter, no longer apply. Security must move to the endpoint because devices can no longer be trusted. Enterprises need a new security architecture called post-perimeter security.

This question of security is especially important at a time when threats, such as phishing, are stealthily evolving to take advantage of the perimeter’s shortcomings. The fact is, legacy security measures – like firewalls and secure web gateways – were never designed to protect against modern attacks and are not able to continuously assess risk on an endpoint.

Post-perimeter security revolves around the “Zero Trust” model created in 2010 by an analyst at Forrester Research. Now, years later, Zero Trust is moving into the mainstream. The model is centered on the belief that organizations shouldn’t automatically trust anything, whether inside or outside its perimeter. To establish trust and gain access, users must both prove their identity and validate that their device is free from cyber threats. A device that has been compromised cannot be trusted and should not be granted access.

Continuous Conditional Access and the new security architecture

Enterprises need to change their strategy in a fundamental way, taking a zero-trust stance where any device that accesses your data must be regularly checked to establish its “health.”

In concert with an identity solution like an SSO provider, continuous conditional access determines whether an employee’s device is healthy enough to authenticate and grant access to corporate resources.

With security at the endpoint, ongoing monitoring for risks can be achieved in real time at the point of contact, wherever that exposure may be.

How Lookout enables enterprises to embrace post-perimeter security

Lookout effectively puts the trust in zero trust for enterprises. In order to monitor the health of a device based on an enterprise’s risk tolerance, the enterprise must have a solution that is able to see into the full spectrum of risk. Lookout security telemetry from over 170 million devices and 70 million apps informs whether an employee should be allowed to authenticate to corporate resources using the enterprise’s identity solution.

"Securing mobile endpoints is definitely a priority for us. We see Lookout as a critical layer of protection, both to prevent compromise of our corporate data, and to maintain compliance with all privacy laws."


Christian Jösch, Network administrator, Simon Hegle

Lookout also delivers phishing and content protection, that addresses phishing attacks beyond email, such as SMS, social media apps, messaging apps, and more.

Enabling productivity and security corporate resources are not mutually exclusive

Mobility has redefined not only the way work gets done, but the very boundaries of the enterprise itself. Securing corporate data and protecting employees can no longer be accomplished by legacy security technologies – no matter how many bolt-ons or workarounds you add. That’s because post-perimeter security is different at the core. Corporations that embrace this new architecture will be able to confidently move forward, embrace worker productivity, and secure data in this new age.

Want to learn more? Download our latest report, “Putting the trust in zero trust: Post-perimeter security for a new age of work.


Author

Aaron Cockerill,
Chief Strategy Officer


Author

Santosh Krishnan,
Chief Product Officer