In a classic defense model, multiple layers of protection with tightly secured checkpoints and gateways surround and protect the crown jewels. All access is controlled and verified at the gateway where authentication and authorization are granted. However, once verified, people are effectively given free rein of the environment.
In cybersecurity, valuable data is surrounded by multiple layers of firewalls, segmentation, authentication, and authorization. And while these components are necessary, they are insufficient due to the “deperimeterization” caused by the move to cloud and mobile.
A problem with this security model is the implied or implicit trust which is granted to persons or services within the walls of the network. The requirement for a new strategy has been accelerated with the need for remote workers. How does an organization build a wall around a resource that exists in multiple locations simultaneously?