didn’t perimeterless assume more secure endpoints?

I was reading a post from Dan Morrill about mobile security, and it got me thinking. The advancing of consumerland mobile devices putting pressure on corporate networks, most specifically the network perimeter and data diffusion…leads people to start calling for harder endpoints that are resistent to attack. This is long part of the ‘perimeter-less’ viewpoint. One might say to such groups, “Here we are, on the advent of your predictions. So have you solved this?”

But look at our mobile devices. They’re rooted. They’re gaining malware. They’re less known and less supportable by your techs. They’re not centrally managable, and they’re not secured physically. They store passwords, have incomplete security, are rushed to market, and have barely passable in-transit protections.*

In short, they just might be WORSE! Awesome. 🙂

Did you notice that two recent high-profile hacks have dealt with trusting in-transit encryption (Comodo) and [2-factor] auth often used for mobile access (RSA)? Both of these have implications for the current trending towards less perimeters and more mobility (and, grudgingly, “cloud”).

* The difference between a blog like mine and being a journalist is I can get away with making claims without days of research and backing citations. So, nyah!