.... Ditching the corporate network
Several IT leaders I've discussed this topic with are initially taken aback. Suggesting that a longstanding function of IT, providing an employee network, be abandoned seems like heresy. However, after a bit of consideration, it's intriguing that the notion of a "special" employee network has lasted so long is nearly comical with the advent of remote workers, cloud services, and retrenching IT security away from the endpoint. You're likely already delivering some or all employee services over public networks, and VPN tools can likely fill any gaps.
Using public networks not only reduces your network maintenance and deployment costs, but removes any remaining illusion that the employee network is "secure." The work required to further harden applications and services will likely pay off in allowing your employees to be productive from anywhere, speeding integrations and expansion, and reducing the cost of maintaining dedicated links that glue the employee network together.
Next: Employee devices
If the assumptions that would allow you to stop maintaining an employee network hold true, the next logical extension is abandoning company-issued computing devices. Many companies have introduced Bring Your Own Device programs for mobile phones, and by moving security and maintenance away from the endpoint, these programs could function in a similar manner with employee devices. While there are challenges ranging from how you'll support employees and provision software, to preventing company data from "walking away," providing company-issued devices will likely become like providing company-issued uniforms and shoes: relevant for some specific jobs but a matter of employee preference for most others...
The end of the corporate network is coming
The end of the corporate network is coming
The end of the corporate network is coming
-
perdido
- Posts: 1528
- Joined: Mon 09 Dec 2013, 16:29
- Location: ¿Altair IV , Just north of Eeyore Junction.?
An isolated network with no bridge to the internet will not be hacked through the connection to the internet as there is none.
The push to put information, accessable to anyone, anywhere, with the proper credentials, on a remote internet server creates the risk of that information being stolen.
That sounds like real progress for someone.
Oh, by the way, have you seen this article about the F-35 copycat the chinese have developed?
http://www.defenseone.com/threats/2015/ ... at/121859/
"China is suspected of stealing F-35 design data in 2009. U.S. officials have said classified information was not stolen in that breach, but in 2011 it emerged that China was building a multirole, stealth fighter of its own that could strike targets in the air and on the ground, like the F-35. The J-31 flew for the first time in 2012.
The Pentagon huddled with defense companies in 2007 to urge firms to better protect their networks. Companies are attempting to beef up their cybersecurity, but there is a gap in the security talent, said Justin Harvey, chief security officer for Fidelis Cybersecurity, a firm that works with the U.S. government and private industry."
We have met the enemy and he is us.
Now, if the chinese can just be convinced to put their military R & D on an internet facing server we can all be one big happy family.
The push to put information, accessable to anyone, anywhere, with the proper credentials, on a remote internet server creates the risk of that information being stolen.
That sounds like real progress for someone.
Oh, by the way, have you seen this article about the F-35 copycat the chinese have developed?
http://www.defenseone.com/threats/2015/ ... at/121859/
"China is suspected of stealing F-35 design data in 2009. U.S. officials have said classified information was not stolen in that breach, but in 2011 it emerged that China was building a multirole, stealth fighter of its own that could strike targets in the air and on the ground, like the F-35. The J-31 flew for the first time in 2012.
The Pentagon huddled with defense companies in 2007 to urge firms to better protect their networks. Companies are attempting to beef up their cybersecurity, but there is a gap in the security talent, said Justin Harvey, chief security officer for Fidelis Cybersecurity, a firm that works with the U.S. government and private industry."
We have met the enemy and he is us.
Now, if the chinese can just be convinced to put their military R & D on an internet facing server we can all be one big happy family.
That's only true if you can also prevent anyone from attaching any sort of hardware to your isolated network. All USB ports must be filled with epoxy and so should the parallel and serial port jacks. And make sure there are no wifi transceivers inside any of your computers. Now try to get anything useful done.perdido wrote:An isolated network with no bridge to the internet will not be hacked through the connection to the internet as there is none.
Heard much about Stuxnet and how it got into Iran's closed network of nuclear plant centrifuge controller's?Flash wrote:That's only true if you can also prevent anyone from attaching any sort of hardware to your isolated network. All USB ports must be filled with epoxy and so should the parallel and serial port jacks. And make sure there are no wifi transceivers inside any of your computers. Now try to get anything useful done.
-
perdido
- Posts: 1528
- Joined: Mon 09 Dec 2013, 16:29
- Location: ¿Altair IV , Just north of Eeyore Junction.?
Simply because it is difficult to defend against stupid people is no reason to stop defending against them?drunkjedi wrote:Heard much about Stuxnet and how it got into Iran's closed network of nuclear plant centrifuge controller's?Flash wrote:That's only true if you can also prevent anyone from attaching any sort of hardware to your isolated network. All USB ports must be filled with epoxy and so should the parallel and serial port jacks. And make sure there are no wifi transceivers inside any of your computers. Now try to get anything useful done.
I am just saying true security can only be possible if people using those systems are educated about safe procedures.perdido wrote:Simply because it is difficult to defend against stupid people is no reason to stop defending against them?
Having isolated network gave them sense of security and they didn't pay attention to attacks through pluggable hardware, IMHO.
@Flash - responding to the original post (I don't read the TFA, just your quoted portion)
Unless you're already working in a place where you're expected to bring your own equipment (the "gig" economy ala Uber) or your network security is so lax, I will just say one thing:
This isn't gonna happen, ever.
for reasons for the same reason that most people prefer to live in their own houses and rooms, as opposed to living in a free-for-all commune.
Unless you're already working in a place where you're expected to bring your own equipment (the "gig" economy ala Uber) or your network security is so lax, I will just say one thing:
This isn't gonna happen, ever.
for reasons for the same reason that most people prefer to live in their own houses and rooms, as opposed to living in a free-for-all commune.
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]