Security is going over the wall and Daniel Headrick believes IT needs to recognize and embrace the concept – or suffer consequences.
“You can’t do what you do on the inside and use that on the outside; that will not solve your issues,” says Headrick, a featured speaker at the Cloud Identity Summit (CIS) and senior enterprise security architect for Fortune 500 powerhouse GE.
The issue is that traditional security boundaries are crumbling under the weight of modern computing.Headrick should know. His network stretches here, there and nearly everywhere and looks like a micro-model of the Internet itself.
The cloud and mobile devices have changed the world of enterprise IT and shifted security concerns. Identity is the logical reaction.
At CIS in Vail, Colo., Headrick will walk through the challenges of externalizing identity and how the point-to-point nature of federation is a model on its way out
“I’m going to expose the security ramifications of the ‘network de-perimeterization,’ how trust models for perimeter and edge level defenses are fading, and how we need to rely on more and more a high-level of assurance and trusted identity,” said Headrick.
He says trusted identity also will serve to secure information inside the enterprise.
“You are going over the wall whether you like it, know it or want to admit it,” he says. “If you don’t get in front of it, it’s going to be a bigger problem to catch up with.”
Headrick believes the industry should be farther along than it is with a trusted identity model; one that is not bound by federations that are negotiated and built in a point-to-point fashion. He says the way in which IT expects the perimeter to protect data should already be shifting.
“Application systems from an IT perspective are going to change,” he says. “The ability to trust secure devices or know what services and applications devices are accessing is decreasing. IT people will have to be much more aware of how to use identity - more so than in the past.”
The results, he says, will provide protection for what is enabled through cloud and external services; will enable a better end-user experience; and should help enable business, business process, and business trust.”
Headrick won’t claim we have all the answers but says now is the time to get in front of this change in the security perimeter.