The third installment of our how to rethink remote access series looks at why the policy is so hard to adapt. Is it an issue of internal politics? Is network security technology not being flexible enough? IT expert, Paul Sloof, European IT & TDP Manager at MOL-IT Europe, shares his opinions with us.
My observation is that even though IT security is moving away from perimeter control, technicians are reluctant to do so. Yet, in order to achieve this increased employee productivity through remote mobile access, we have no choice but to let go.
Why are security specialists reluctant to abandon perimeter control? Because perimeter control is relatively easy as it comes with a very clearly marked border. So everyone knows where security measures need to be applied and which devices need to be checked.
Letting go of perimeter control complicates security management significantly as now each individual component needs to be secured and monitored. This implies more work for the security specialist and it makes proving compliance harder.
In short: it is so hard because of network security being inflexible and the people involved are guarding their responsibilities rigidly.