{"id":8850,"date":"2017-08-22T04:30:31","date_gmt":"2017-08-22T12:30:31","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/08\/22\/news-2623\/"},"modified":"2017-08-22T04:30:31","modified_gmt":"2017-08-22T12:30:31","slug":"news-2623","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/08\/22\/news-2623\/","title":{"rendered":"Is mobile killing the LAN?"},"content":{"rendered":"

<\/p>\n

Credit to Author: Evan Schuman| Date: Tue, 22 Aug 2017 05:11:00 -0700<\/strong><\/p>\n

I was talking with an industry CEO the other day and he offered an intriguing thought. He said that the LAN is dead \u2014 along with its associated routers and hubs and other network hardware \u2014 and that mobile has killed it. But the LAN isn\u2019t dead, I resisted, noting that there are LANs within just about every corporate campus in the country.<\/p>\n

And yet his argument can\u2019t be dismissed. All of the data and security assumptions that existed when LANs came into being have gone away, courtesy of cloud and mobile. Still, I insisted, that\u2019s an argument for why LANs should<\/em> be dead, not that they are.<\/p>\n

Let\u2019s explore this a bit more. The CEO I was chatting with is Steven Sprague, from a cybersecurity vendor called Rivetz<\/a>.<\/p>\n

\u201cOver the last 20 years the user has left the building and works from home and Starbucks. In the last decade, the applications have left the building and are hosted in the cloud on multiple servers in multiple countries. The old network architecture model started with the building or the home as the organizational unit,\u201d Sprague said<\/a>. \u201cEach building used to be its own network, and eventually the buildings in an enterprise were connected providing the corporate network we know today. For years, we have been defending the role of physical buildings, but with the advent of the smartphone, the doors and windows of physical buildings have been blown wide open. The castle paradigm \u2014 physical building with surrounding safety moat \u2014 is giving way to the model of a social network where collaboration takes place worldwide on data in the cloud that is shared and edited in real time.\u201d<\/p>\n

He then laid much of the blame on mobile in general and Apple in particular.<\/p>\n

\u201cThe catalyst was the introduction of the iPhone, where every CEO asked their company to abandon the VPN for email and just make it so their phone logs in directly to get email. Every security professional knew it was wrong, but the job of IT is to serve, not to dictate,\u201d Sprague said in an email. I wondered if he had met the same IT managers I had. \u201cHumans cannot safely manage passwords for access. Once Pandora\u2019s box had been opened by email to enable just username and password access, it paved the way for Salesforce.com and all cloud services to help the corporate applications leave the remaining safety of the castle\/building\/network security model. The result is that today\u2019s typical corporate organization has users at grandma\u2019s house or Starbucks connected to Salesforce.com and other cloud services. And the billions of dollars invested in network security investments are not being used to secure the service.\u201d<\/p>\n

Sprague\u2019s argument \u2014 which is not without merit \u2014 cuts both ways. Today\u2019s typical enterprise shops have plenty of users whose data and physical existence happen well outside of any corporate campus, but they also have plenty of users working out of those campus buildings, sitting mere hundreds of feet from LAN serves housing their data. Also, lots of the users in the \u201coutside group\u201d have at least some data in the LAN, and many of the users in the \u201cinside group\u201d have data in the cloud or on a mobile device.<\/p>\n

What is a CIO in 2017 to do? Candidly, they need to pretty much do what they are doing today, which is support both environments.<\/p>\n

The more interesting question is what should CIOs do five to 10 years from now. If we assume that this data migration will continue onto the cloud and mobile platforms at a steady pace, at what point does <\/em>it make sense to dismantle the LAN infrastructure and insist\/force all users to go external? At some point, the network infrastructure becomes a relic, but we\u2019re not there yet.<\/p>\n

But the other part of Sprague\u2019s argument \u2014 that mobile has forced enterprise security to take a big step backwards \u2014 is more compelling. This forces us again to explore the authentication of device versus authentication of the user debate.<\/a><\/p>\n

No matter whether it\u2019s device or user authentication, few would defend passwords as an authentication method. They should be retired, along with asking for signatures for credit card charges. (What\u2019s the shortest joke in CISO circles? Chip and signature. But seriously, ladies and germs\u2026)<\/p>\n

No, the LAN and its infrastructures and not due for termination, but it\u2019s well past time for IT to embrace far more sophisticated user authentication. VPN use should be soaring, and yet it\u2019s being required less. The move to cloud and mobile doesn\u2019t just mean better authentication is needed. It demands it.<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Evan Schuman| Date: Tue, 22 Aug 2017 05:11:00 -0700<\/strong><\/p>\n

\n
\n

I was talking with an industry CEO the other day and he offered an intriguing thought. He said that the LAN is dead \u2014 along with its associated routers and hubs and other network hardware \u2014 and that mobile has killed it. But the LAN isn\u2019t dead, I resisted, noting that there are LANs within just about every corporate campus in the country.<\/p>\n

And yet his argument can\u2019t be dismissed. All of the data and security assumptions that existed when LANs came into being have gone away, courtesy of cloud and mobile. Still, I insisted, that\u2019s an argument for why LANs should<\/em> be dead, not that they are.<\/p>\n

Let\u2019s explore this a bit more. The CEO I was chatting with is Steven Sprague, from a cybersecurity vendor called Rivetz<\/a>.<\/p>\n

To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10554,11080,714],"class_list":["post-8850","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-mobile","tag-networking","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=8850"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8850\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=8850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=8850"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=8850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}