‘Perimeter security’ for corporate networks is outdated, says Google, as it adopts new model
Google is in the process of a radical change in its approach to IT security, reports the WSJ, moving its data from protected internal networks out onto the Internet.
At first glance, it sounds like a crazy move: moving corporate data from protected internal systems, only accessible within Google buildings and via VPN, to publicly-accessible servers. But Google engineering manager Rory Ward believes that the conventional ‘perimeter security’ model no longer reflects the realities of today’s world.
The perimeter security model is often compared to a medieval castle: a fortress with thick walls, surrounded by a moat, with a heavily guarded single point of entry and exit. Anything located outside the wall is considered dangerous, while anything located inside the wall is trusted. Anyone who makes it past the drawbridge has ready access to the resources of the castle […]
However, with the advent of a mobile workforce, [this approach is] fraught with danger.
In other words, if half your workforce is accessing resources from outside the network anyway, you need a different mindset … Expand