De-perimeterisation Risk & Security

Solutions

De-perimeterisation Risk & Security

Adapting to the erosion of the security perimeter

The traditional perimeterised architecture was perfectly adequate for an organisation that simply wanted to operate inside its own controlled environment, with e-mail to the outside world.

Today, this type of organisation has almost ceased to exist because today’s business needs demand wider connectivity to support sharing of sensitive information over the Internet (e.g. cloud computing) and IT consumerisation (e.g. Mobile devices & BYOD). While developing online collaboration with business partners, customers, suppliers, and outworkers, organisations have to carefully consider new threats and risks posed by de-perimeterisation principles and related technologies.

How Deloitte can help?

Deloitte can help organisations to address the underlying challenges raised by de-perimeterisation and the move of IT assets, users and data outside of the traditional network perimeter:

  • Security – Assessing and Defining security solutions which are effective in a de-perimeterised architecture
  • Data Privacy – Protecting confidential and private information which migrate to places outside the network boundaries
  • Regulatory Compliance – Ensuring compliance with national and industry regulatory requirements
  • Social & Legal – Defining policies that comply with the applicable legal and social requirements

Deloitte proposition overview

  • Mobile Device & Bring Your Own Device (BYOD) – Assistance for ensuring a controlled deployment of Mobile devices solutions: Defining mobile device strategy and policies, Securing and testing mobile applications and infrastructure, BYOD Readiness, etc.
  • Cloud Computing – Manage risks from adopting cloud services and models (IaaS, PaaS or SaaS) across their deployment lifecycle.
  • End-Users Networks – Assistance for managing risks related to the introduction of end-users networks (i.e. guest/visitor networks): Security policies including Acceptable Use Policy, Wi-Fi security assessment, Legal assessment, etc.
  • Social Media Risk Assessment – Analyse social media strategic objectives and reconciliation with organisational goals and objectives, including assessment of policies, procedures, and technology practices
  • Digital Trust Services – Design, assess and improve digital trust architecture (PKI, Federated IAM, Digital Signature, etc.) for providing organisation with IT security as well as legal value and interoperability of their communications with trust operators, service providers, etc.

Our approach & methodology

Deloitte has developed mature proprietary risk assessment frameworks as well as a specific security methodology in order to address de-perimeterisation challenges:

  • Deloitte Mobile Security Framework
  • Deloitte Cloud Computing Risk and Control Framework 
  • Deloitte Social Media Risk Intelligence Map
     

Contacts

Roland Bastin

Roland Bastin

Partner | Information & Technology Risk

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Stéphane Hurtaud

Stéphane Hurtaud

Partner | Information & Technology Risk

Stéphane is a partner within our Risk Advisory practice. He has over 21 years of experience in the IT risk, Information Security and IT audit fields, with a strong focus on the financial services indu... More

Maxime Verac

Maxime Verac

Senior Manager | Information & Technology Risk

Maxime Verac is a Senior Manager within Deloitte’s Information & Technology Risk services in Luxembourg. He has 10 years of experience in Information Security. During the last 10 years, as a consultan... More