Wednesday, January 5, 2022

Zero Trust Grows from Consumerization of IT

The rise of “zero trust” approaches to security is a recognition of the importance and prevalence of consumerized cloud-based apps, where one must assume there is no difference between apps, processes or identities inside the enterprise and coming from the cloud


In essence, zero trust is built on the assumption that perimeter defense is no longer possible or desirable. Where it once was assumed that operations “inside the perimeter” were safe, zero trust assumes nothing is safe. 


 source: McAfee


In other words, even internal interactions on the enterprise side of the firewall and security system are treated as though they were cloud-based and external operations. In a direct sense, that change in security architecture is directly an outgrowth of the shift to cloud-based applications and mix of consumer tools and “IT-sanctioned tools” in the workplace. 


source: Logrhythm 


Use of “non-sanctioned” employee personal devices and cloud-based apps in the workplace has been quite common for a couple of decades, leading to new corporate approaches to such innovations. 


This phenomenon has been frequently referred to as IT consumerization and is notable because it reversed the typical way information technology diffused. 


In the past, IT innovations were developed for enterprises or big government, then spread to mid-market and then small business before reaching consumers. 


Easy-to-use cloud-based applications  and powerful personal devices (PCs, tablets, smartphones) reversed the process. 


Online data storage, social media, and web-based email services and other personal applications actually originated in consumer markets and then were brought to work. 


Consumerization of IT has also come to encompass user experiences and user interfaces that mimic consumer user experience  and user interfaces. So consumerizing enterprise apps and experiences also became a trend. 


Workers seem to prefer apps and experiences that have a consumer ease of use about them and enterprise apps are being redesigned with that in mind. 


Though initially opposing the trend, most enterprises have learned to live with employees preferring the use of consumer tools (Google Apps, Skype or Dropbox) in addition to, or instead of, enterprise IT alternatives. 


Initially seen as “rogue IT,” widespread use of such consumer tools has reshaped enterprise IT, and produced the zero trust approach to security.


No comments:

Directv-Dish Merger Fails

Directv’’s termination of its deal to merge with EchoStar, apparently because EchoStar bondholders did not approve, means EchoStar continue...