Today's enterprises must constantly create new products and services, expand their geographic presence, streamline operations, and deliver top-notch customer services. To do this, they will increasingly use third-party and cloud services.
To stay relevant, enterprises must extend themselves to include new peripheral devices and meet new business scenarios.
Securing the extended enterprise will require strategies that encompass architecture and infrastructure. In an extended enterprise, controlling the entire stack is neither practical nor economical; IT executives must seek to provide assurance wherever their data is and wherever their users are, regardless of location, type of asset, or infrastructure ownership. Forrester recommends that CIOs adopt the high-water-mark principle, a model that defines the movement of a mix of interacting objects toward a desired security level. That security level is the "high-water mark."
Everything that applications and data touch -- including unmanaged customer endpoints, servers living in the cloud and third-party applications that are integrated at runtime -- will need to adopt a high-water mark. If a transaction or interaction can't achieve that level of assurance for any reason, it can't be allowed to occur. The high-water-mark principle has two immediate implications: It enables enterprises to extend security assurance downstream to their consumers and business customers and upstream to their service providers and supply chains.
To apply the high-water-mark principle and secure an extended enterprise, enterprises need to tackle four immediate strategic and tactical priorities.
1: Think zero trust for the extended enterprise
Forrester's Zero Trust Model recommends that enterprises eliminate the idea of a "trusted network" (usually the internal network) versus an "untrusted" network (usually any external network). The high-water mark must be enforced wherever data goes, regardless of whether that data is inside or outside the company network.
The Zero Trust Model requires that you verify but never trust. Implicit trust assumptions are dangerous because they become obsolete when the environment or technology changes. In an extended enterprise, this is distinctly the case: Workloads might move to the cloud, third-party Web services could replace traditional in-house functions and endpoints could move outside the corporate firewall.
2: Rethink endpoint security
Endpoints will be ubiquitous and mobile, and they will have ever-greater CPU speed and memory capacity. They will store users' personal data and applications and perform personal Internet transactions. At the same time, however, they might access your business applications, process customer credentials and store sensitive data. The high-water-mark principle states that you must ensure the integrity of transactions and the authenticity of credentials that originate from endpoints or are processed by them. These assurances must remain in place even if an endpoint is compromised or the rightful owner of the device no longer controls it (for example, if the device is lost or stolen).
Forrester expects that user endpoints ultimately will become lightweight terminals and rendering devices equipped with modern sensors and ubiquitous connectivity. You don't have to trust (and hence secure) the entire endpoint stack to attain transaction integrity and security, because the device now is just a conduit, not necessarily a trusted computing base.
3: Join the API economy
An extended enterprise forces you to make many changes to your IT infrastructure and applications. One such change manifests in the adoption of application programming interfaces (APIs) for enterprise applications. The direction is clear: Monolithic enterprise applications will disappear and be replaced by a rich, API-driven application environment to expedite time to market and achieve a highly efficient ecosystem (Google Maps and Amazon Web Services, for example). If we extrapolate from this trend, it is distinctly possible that in the future, an enterprise might manage only a user directory and internal databases -- nothing else.
With enterprise application models getting overhauled, a new IT security model emerges as well -- one where security functions can be developed and tested independently, and come together only with business functions at runtime to provide protection.
4: Embrace pervasive identity federation
In an extended enterprise, identity information needs to travel in and out to enable a variety of business interactions, regardless of whether the enterprise owns that identity information. For example, your employees may need to interact with your partners' extranet applications, cloud applications and third-party service APIs. Similarly, other enterprises' consumers and employees could need to interact with your externally available applications, services and APIs. In addition, you might offer identity services to your customers to allow them to use third-party applications.
These interactions necessitate some fundamental changes to what we know today as identity and access management, or IAM. To keep up with changes, enterprises will need to make concrete changes to their identity and access infrastructure.
Chenxi Wang is a vice president and principal analyst at Forrester Research Inc., where she serves security and risk professionals.
This was first published in January 2012