I had the good fortune last week to read a great post from Maish Saidel-Keesing (@MaishSK) that discussed security models in relation to candy. It reminded me that I’ve been wanting to discuss security models in relation to desserts. And since Maish got me hungry for a Snicker’s bar, I decided to lay out my ideas.
When we look at traditional security models of the past, everything looks similar to creme brûlée. The perimeter is very crunchy, but it protects a soft interior. This is the predominant model of the world where the “bad guys” all live outside of your network. It works when you know where your threats are located. This model is still in use today where companies explicitly trust their user base.
The creme brûlée model doesn’t work when you have large numbers of guest users or BYOD-enabled users. If one of them brings in something that escapes into the network, there’s nothing to stop it from wreaking havoc everywhere. In the past, this has caused massive virus outbreaks and penetrations from things like malicious USB sticks in the parking lot being activated on “trusted” computers internally.
A Slice Of Pie
A more modern security Continue reading