When data centers were housed in a secure, on-premises location and the computer network had a clear boundary, IT organizations could implement a centralized cybersecurity strategy to protect against intrusions. But the dramatic shift to work-at-home environments with multiple connectivity options to the organization’s database and applications – compounded by the devices and sensors connected to the Internet of Things (IoT) – calls for a different approach.
One of the solutions now gaining traction is a cybersecurity mesh, a decentralized concept that focuses on securing the identity of the user or device. The goal is to allow only authorized users (or devices) to access the organization’s network, whether on premises or in the cloud. Ideally, a cybersecurity mesh allows the IT team to manage security from each access point, while blocking an intruder from entering the network.
Gartner named cybersecurity mesh as one of its top ten IT trends for 2021. “The COVID-19 pandemic has accelerated the multi-decade process of turning the digital enterprise inside out,” said Brian Burke, research vice president at Gartner. “We have passed a tipping point — most organizational cyber assets are now outside the traditional physical and logical security perimeters. As anywhere operations continues to evolve, the cybersecurity mesh will become the most practical approach to ensure secure access to, and use of, cloud-located applications and distributed data from uncontrolled devices.”
By 2025, the cybersecurity mesh will support over half of digital access control requests, according to the Gartner report. That’s because it enables anyone to access any digital asset securely from any location and allows identity to become the security perimeter.
It should be noted that cybersecurity mesh is a distributed architectural approach to protecting access points rather than a traditional top-down solution. Therefore, it may be better to incorporate this approach in new IT projects during the planning stage, rather than as a “bolt-on” solution afterwards. It can also provide a good discussion topic when reviewing security processes with a cloud services or platform provider.
While a cybersecurity mesh may offer significant benefits, there are certainly challenges as well, beginning with user training and support. Any identity-based authentication system should be simple as well as secure to avoid distractions that reduce a user’s productivity. For instance, a user racing to log on to a collaborative session that has already started might be upset by a lengthy multifactor authentication process. Users who locked themselves out of their smartphones due to access mistakes might be unable to reach the IT help desk with a request to reset a device.
Along with piloting and testing a cybersecurity mesh solution with actual users, IT teams should consider incorporating location- and activity-based analytic tools that send alerts regarding unusual behaviors. For example, an afternoon login from an authenticated “user” in an eastern European country could be regarded as highly suspicious if the real user had accessed the network a few hours earlier from Texas or California. An intruder should also be suspected if a contact center agent who normally accesses only the CRM database was detected trying to penetrate and extract files from the credit card database. With an effective real-time monitoring solution, these “users” could be dropped from the network right away, reducing the risk of a serious security breach.
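The two checks described above (a login from an implausibly distant location, and access to a resource outside a user's normal set) can be sketched as follows. This is an added example, not part of the original article; the user names, resource names, sample events, the 900 km/h speed ceiling and the 50 km jitter allowance are all assumptions made for illustration.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0   # assumed ceiling: roughly airliner cruise speed
MIN_KM = 50.0     # assumed allowance for geolocation jitter

# Assumed per-user baseline of resources normally accessed (hypothetical names)
BASELINE = {"agent17": {"crm_db"}, "analyst03": {"crm_db", "reports_db"}}

# Constructed sample events: (user, ISO time in UTC, lat, lon, resource)
EVENTS = [
    ("agent17", "2021-03-01T14:00:00", 32.78, -96.80, "crm_db"),         # Dallas, Texas
    ("agent17", "2021-03-01T18:30:00", 44.43, 26.10, "crm_db"),          # Bucharest
    ("analyst03", "2021-03-01T15:00:00", 34.05, -118.24, "reports_db"),  # Los Angeles
    ("analyst03", "2021-03-01T16:00:00", 34.05, -118.24, "cardholder_db"),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    a = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def detect(events, baseline=BASELINE, max_kmh=MAX_KMH):
    """Return (user, time, reason) alerts, processing events in time order."""
    alerts, last_seen = [], {}
    for user, ts, lat, lon, resource in sorted(events, key=lambda e: e[1]):
        when = datetime.fromisoformat(ts)
        if user in last_seen:
            prev_when, prev_lat, prev_lon = last_seen[user]
            hours = (when - prev_when).total_seconds() / 3600
            km = haversine_km(prev_lat, prev_lon, lat, lon)
            # Simultaneous logins from distant places are also impossible travel
            if km > MIN_KM and (hours <= 0 or km / hours > max_kmh):
                alerts.append((user, ts, "impossible_travel"))
        last_seen[user] = (when, lat, lon)
        # Unknown users have an empty baseline, so every resource is flagged
        if resource not in baseline.get(user, set()):
            alerts.append((user, ts, "resource_outside_baseline"))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

In a real deployment the alerts would feed whatever mechanism revokes the session, and the baseline would be learned from access history rather than hard-coded.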
Because of the evolving nature of the enterprise workplace, IAUG members should take a look at cybersecurity mesh strategies and solutions. Hackers are continually trying new ways to access the “crown jewels” in the organization’s database, and IT professionals need to keep pace.