Nov 1, 2009
Normal 0 false false false MicrosoftInternetExplorer4
st1:*{behavior:url(#ieooui) } /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;}The Extended Enterprise
For decades, technologists in the security industry believed that the best strategy to protect an organization was to build a strong wall around it. This so-called "perimeter model" assumed that the virtual boundaries of an organization were very similar to the physical boundaries. In the early days of the Internet, this assumption was essentially accurate. Connectivity between an organization and the outside world was limited and easily identified. "Keeping the bad guys out" was the motto, prompting the development of a broad range of network-focused security products.
Today's reality is completely different. Modern business requires that companies expand their traditional perimeter to allow partners, suppliers, auditors, manufacturers, remote offices, and remote employees to access applications and information. We call this new business model the extended enterprise.
Security Challenges of the Extended Enterprise
Now that organizations have opened up their business applications and data to partners, suppliers, internal divisions, and remote workforce, they need to revisit their existing security practices. Just relying on the old perimeter security practices is not sufficient, as those practices do not address many of the new security challenges that come with the extended enterprise.
The Perimeter Has Vanished
A first challenge relates to the existing security infrastructure and how it needs to be changed to span the complete extended enterprise. In the old "perimeter" paradigm, we started from the assumption that we could split our world in two: the trusted inside and the untrusted outside. Everything sitting within the walls of our organization, including users, data, and applications, was supposed to be under our control and didn't require a lot of attention from a security perspective. Everything outside of our organization was beyond our control, so it could not be trusted. The solution was to build a big security wall around that perimeter focused on inspecting incoming network traffic.
