Technology consumerization has resulted in the proliferation of new computer systems in use by enterprises, such as mobile devices in BYOD configurations, and non-traditional computers comprising the Internet of Things (IoT).
Cloud computing infrastructure is supplanting internal IT backend systems as these employee-owned devices are becoming the primary computer of choice at the endpoint. Innovation must provide more granular and elegant solutions to mitigate security risks and enforce organizational policies across any combination of corporate-owned, public and consumer information technology.
The Software Defined Perimeter (SDP) is a collaboration between some of the world’s largest users of cloud computing within CSA’s Enterprise User Council. SDP is a framework of security controls that mitigates network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized.
SDP is being designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks. SDP traverses several OSI layers to tie applications and users with trusted networks, using vetted security models.
“It is critical to the future of cloud technology that it is demonstrably more secure than legacy IT systems,” said Bob Flores, former CTO of the CIA and Chief Executive Officer of Applicology Incorporated. “SDP is an important component to allow both cloud providers and customers to secure applications all the way from the back end to the consumer device, and we look forward to working with some of the worlds largest enterprises on its development.”
“CSA is making this royalty-free research publicly available in order to catalyze the development of more secure clouds and BYOD deployments,” said Jim Reavis, Executive Director of Cloud Security Alliance. “Some of the largest brands and companies have agreed to participate in this initiative, and will be disclosed in the course of this initiative.”