In the zone: Physical to network
By BUFFERZONE Team, 6/10/2015
For decades, organizations have relied on zone-based physical security to keep assets safe. And while there are a variety of models in use, typically this approach has three distinct characteristics:
(1) The existence of an outer standard security zone, which is accessible to appropriately authorized visitors who are sometimes escorted.
(2) The existence of an inner high-security zone, which is accessible only to employees or contractors who have undergone security clearance or comprehensive pre-screening, and are registered in the organization’s electronic access control system.
(3) The fact that the high-security zone can only be accessed from the standard security zone. For outsiders, there is no other route.
Not surprisingly, this approach to securing assets has migrated into the world of cybersecurity. For example, in order to thwart would-be cybercriminals, some government agencies, banks, health care firms, insurance companies and other organizations, isolate computers attached to secured networks from those attached to less secure networks, including the internet. For employees, this means that they either have no internet access at work, or that they must use two (or more) different computers. Apart from the obvious usability problem, there is a looming obstacle that prevents the vast majority of organizations from adopting it as a best practice: cost.