Tuesday, September 18, 2012

Do security like a start-up or get fired - Identity

This is part of a blog series. For more details, start with the intro.

Identity is the foundation

There's a meme going around at the moment calling Identity the new perimeter. It's not just one vendor or group so I won't name anyone in particular (you know who you are). But I have a fundamental problem with the term "perimeter".

It's not that saying "Identity is the new perimeter" is wrong. I don't disagree with it fundamentally as a concept. But using the term "perimeter" keeps one foot in the past in terms of holding on to the concept of there being one. It isn't there, people. At least not in the traditional sense of there being a virtual barrier keeping the bad guys out.

Mindset is typically the most difficult thing to change in an organisation and if we don't let go of the concept of there being a perimeter, it's difficult to change outdated approaches to how an organisation deals with IT security, even if we tout the virtues of Identity. We need to be stating the fact that Identity is foundational to the enterprise. i.e. Identity is the foundation.

As far as identity is concerned, we need to think about it a little differently than we have in the past. Identity is less about the "who we are" and more about "what we are". We care a lot more about what normal usage patterns look like, what someone is currently doing and what else they could potentially do. In other words, identity today is so much more than it used to mean in the past. It is really about reputation, relationships, context, activity, behaviour and being able to take fast, appropriate action in reaction to things that happen.

We really care if I’m the same person I said I was last week. It is no longer about my username. It should be about context and information within my user session. It’s about being able to knowing at all times that a so called identity is behaving normally and the minute it doesn't, we know about it and are in a position to react.

Initiatives like Access Governance, Security Information and Event Management (SIEM), Identity Provisioning and Access Management are coming together as a single initiative. Traditionally, organisations have split these into separate initiatives, but agile companies treat them as part of the same programme. They are all essential parts of a forward-looking, IT security strategy.

Next up - It's just IT.

No comments: