As we collectively fully embrace the Cloud, we are seeing a shift away from the centralized systems in business. Especially relative to the Microsoft Windows Active Directory model. The old security and management model is based around a centralized server where all the credentials are managed by IT administrators. This model was designed because IT needed a way to keep its costs down and ensure high reliability. The model was organized around a private network to common services, such as file, email, and print servers.
But we’re now seeing businesses ask the question: “why do we need this model of security?” and the associated costs of setup and maintenance. As employees bring their tablets, iPads, iPhones, and personal laptops to work, they’re asking for access to their work email and other resources. The need to have multiple devices not owned by the organization on a 24/7 basis is producing a shift away from centralized network based security. The cloud is facilitating this movement because people are accustom to getting their apps and their data on their own.
The trend is moving away from local private network security to two different decentralized security models. The first is application security. For example, in the Cloud, the SaaS software application is protecting your data through passwords. We all are accustomed to giving our usernames and passwords to get to our email, Facebook, and Twitter accounts. Once you log in, you have control over the environment, as well as the access and management to your data.
The second is simply file based security. Files traditionally were shared through a secure private network in an unprotected way. If you had access to the protected network resources you could open the file. One of the earliest uses of document level or file level password management was working with an outside attorney on a contract using Microsoft Word revisions. It was common practice to encrypt a file with password and then pass the file back and forth via email. It was understood why this was done. Only the parties privy to the file password had access even though the file was distributed between a public, insecure network. We are increasingly moving toward individual files having protection which allows us to easily share these files over the Cloud with services such as Dropbox or YouSendIt.
There are some implications to decentralized security, the most obvious of which is password management. Passwords in this new model is scattered, and using a password manager service, like the open source tool KeePass will be valuable. These kinds of services allow you to store all the passwords to all your systems and computing resources. It allows you to simply remember one password for your password manager, which will open a world to help you make and manage more complex passwords to all of your computing resources.
Many SaaS companies are part of the growing decentralized phenomenon, and NetSuite is no different. NetSuite has its own security credentials and roles within this new decentralized environment, allowing for secure data and distribution. Companies like Google, with services like Gmail and Google Apps, have their own security. All of these changes are leading the paradigm shift away from Windows Active Directory domain. In many respects, people are personally becoming more responsible for their computing resources. And due to this shift, the centralized security model is moving to the individual which looks decentralized from an IT administrator perspective. Embracing this phenomenon can lead to lower costs and higher profit because we need less equipment and care to take care of security.
Copyright © Marty Zigman 2011
