Focus on changing perimeter protection

October is Cybersecurity Awareness Month. Securing data will likely be a key theme to the month, as data privacy laws and data breaches have increased in both volume and intensity during the pandemic.

As every cybercriminal knows, your data is your company’s most valuable asset. Gaining access to your records and databases is the pot of gold at the end of the rainbow. Protecting your “gold” from theft must be your highest cybersecurity priority, and that security begins at the perimeter.

There’s just one issue with that. The perimeter has shifted. Long gone are the days of everyone in the company stationed to a desktop computer and network connections accessible only from restricted areas. You might think that doesn’t need to be said – not in a world of BYOD, mobile devices, IoT, and now global pandemic-inflicted remote work – yet there are still many organizations who treat their network perimeter as if it is still 2005.

To best address the perimeter is to understand what you are protecting. On-premise servers will have a different perimeter from the public cloud, and every single device connecting to your data will require its unique perimeter.

This is largely due to cloud computing and the devices used to access data applications within the cloud. And while many organizations are making this transition, the reality is that for most of us, our computing behavior is a hybrid. That’s why it is so important for cybersecurity to individualize what we know as perimeter security instead of using a blanket description.

Options for perimeter security

Perimeter security isn’t one tool or system encasing your entire network. It is a system of layers. Think of a home – a fence around the yard is the first layer of protection, but you still need to lock your doors and windows. Even then, there are things you want extra protection for, so you lock things in a safe and set up security cameras to keep a watch on things. With those layers of security in mind, here are the options your organization should consider for its perimeter security.

• Firewalls: The most basic perimeter security; effectively your network or computer’s digital guardian. Traditional firewalls are host-based (protecting a single computer or device) and network-based (designed to protect the entire corporate network). Most operating systems have a built-in firewall; it should be standard on every computer. Network firewalls can be segmented to offer higher levels of protection to certain areas of the infrastructure, and are an important tool for to meet data privacy compliance regulations.
• Next Generation Firewalls: Next gen firewalls go a step further, taking protection to the application level. They can block malware from the network and the application, something traditional firewalls are unable to do, while protecting applications from outside attacks.
• Micro Perimeter: The micro perimeter is your up-close-and-personal layer, your service layer or workload security. It is the security perimeter used for containers and DevOps.
• Edge Security: This is the security level outside the perimeter, and the security perimeter closest to your data. It is the security used for mobile devices and IoT as that data is stored or transmitted away from the data center or the cloud.

Cybersecurity Awareness Month was created to raise awareness of organizational security systems. Protecting the data is the primary goal of cybersecurity, and that protection begins with the gatekeepers around an ever-evolving perimeter.