Hello world!
I think that’s the obligatory first line for any technology blog, right?
But, how do you know I am here? How do you know I exist? I have a blog profile, I have a picture, I have a blog tagged to my name. All of these are contextual clues that I exist in reality, without actually being physically present.
The same contextual clues can be used to integrate identity into your network. For years now, Cisco Security has been discussing the need for pervasive identity on a network. To be clear, identity is not just an IP address. For anyone who doubts that, I challenge you to tell me who that DHCP address lease was lent out to at a given time that the endpoint accessed another endpoint because you need to determine which user at your medical provider hosted files in a samba share. It’s impossible!
There are numerous benefits of using a full set of identifying criteria, as opposed to the legacy use of just IP addressing, to integrate identity into the very fabric of your network. Similar to the ripples in the space time continuum that we heard so much about in Star Trek, the introduction of identity in the network changes the paradigm altogether, adds visibility and abilities to identify phenomena that we never had before.
Starting with this blog post and for the next few, I’m going to share insights on pervasive identity, focusing on architectures to enable identity to be used as a control for overcoming security challenges. Based on my experience as a security services technical leader for Cisco Security Services, I’ll summarize those benefits, challenges to look out for, and how you can approach this on your security journey.
Notice that I specifically use the phrasing “security journey.” While I shudder to think that any consultant or security-focused engineer would ever disagree, the first level-setting conversation I have with all of my clients is that there will never come a time that they will be able to say “we’re as secure as we can get, there’s nothing further that we can do.” The fact remains, no matter what you’ve done to secure your network, there will always be additional threats, threat actors, and methods used to try to exploit your network. Those threats will continue to come from external areas, and will continue to evolve internally as well. Many times, these internal threats are not the ones that one would expect.
To that extent, I’ve been presenting at colleges, executive briefings, and industry conferences for years now on a simplified way to start down the security journey. I boil this down to five straight forward steps:
Let’s look at the challenges I see many organizations contend with, which need to be understood and evaluated as part of the first step: “motivations and challenges.” These major challenges include:
Before we ever get to a point where we can use contextual identity, we need to solve these issues, and I encourage readers to ask the hard question: Where do I fall in relation to these points? Am I at least solving the first two and giving my help desk employee the ability to point to a policy that says “we will not allow personal devices on the network” when the CIO calls in, so they don’t have to fear for their job? Am I providing a structure to enable the business, as opposed to preventing innovation and new ways of doing business for my company’s consumers?
At least attempting to resolve these can be the first step towards a more secure posture, though is the first of many steps to take.
Published with permission from blogs.cisco.com.