There’s no turning back: Say goodbye to the perimeter

Geoff Webb, VP, Solution Strategy for NetIQ, the security portfolio of Micro Focus

If you’ve been following the announcements from this year’s Consumer Electronics Show is Las Vegas, you couldn’t have missed Ford’s partnership announcement with Amazon.

Fifteen years ago, who would have foreseen a strategic partnership between what was then essentially an online book seller and a traditional Detroit car manufacturer? Yet, the catalyst of technology innovation changes so many things that being surprised is almost a constant state.

The reason for this oddest of pairings is simple – the IoT changes everything. Ford is evolving and responding to the immense shifts in technology, society, and the workspace, driven by technology and, in part, by the changes in expectation that the technology brings in its wake.

Ford’s desire to partner with Amazon must be seen as part of an ongoing change in the way we use technology. While the automotive industry has consistently been at the forefront of smart device innovation, this partnership goes beyond simply differentiating products by making cars that are a little bit smarter. Connecting Ford’s cars to Amazon Echo directly forges the link between the home and car, and provides a connected experience between the two.

While smartphones enable us to walk out of the office and stay connected, the car is the next frontier for connectivity. Now, a device that connects at home, in the office and in the car forms part of a fabric of connected, smart technology that will be the most visible instantiation of the IoT.

So, what does this mean to the rest of us? Most importantly, what does it mean to those of us who spend our days thinking about keeping systems and data secure?

Individually, of course, Ford building connections between Amazon and their cars isn’t necessarily that much of a change. But the trend represents, as they say, the writing on the wall. The last vestiges of any distinction between being online and offline are rapidly disappearing. Moving from office to car to home will increasingly be one consistent experience, one seamless connected session that follows us around.

And any concept of perimeter, of there being inside or outside, becomes not only ancient history, but rather meaningless. There’s no perimeter, and nothing will replace it. No clever marketing speak, no security snake oil, no wishful thinking of the golden days of the network will bring it back.

Perimeters will have as much relevance as the man who used to walk in front of vehicles with a red flag to warn pedestrians that the vehicle is on its way.

And, as so many of these smart devices will be owned, operated, and maintained by individuals rather than the company they work for, there will be little room for device-centric thinking either. Worrying about enforcing controls on what applications employees are running on their phones will be a thing of the past, as smartphones become simply one more device in a dizzying array of connected devices that will be operating outside of your direct control.

As we finally accept the loss of control over device and network, we will be forced to focus on the critical areas of people and data. The interaction of identity and information will be the nexus for security thinking, and that interaction must be managed wherever and however it occurs. That means that accessing data while walking around the office is now simply a subset of the broader information security challenge.

The IoT won’t only generate data, it will present users with a slew of rapidly emerging and evolving connection points, smart data delivery tools, and a continuous interaction with the online world that follows them from the moment they wake up until the moment they fall asleep.

The new information security world will revolve around establishing reliable identities for people, and maintaining a connection to that identity (and the rights that it entail) regardless of where and how that individual interacts online. It will need us to be flexible, reactive, agile and robust. It will need us to build on what we already have in place because there won’t be time to invent a whole new world.

It will require us to expect the unexpected because as the announcements at CES have shown us, predicting who and what will be bringing this technology together is going to be perhaps the hardest part of all. The reality is that the perimeter provided an anchor, a focal point for security. A place to start. And the new world will sweep those ideas away. Security for this new world will need to be as agile, flexible, and yes, surprising, as the systems, data, and people we will be protecting. It’s a huge challenge, but the gauntlet has already been thrown down, now it’s time to pick it up and move forward.