The limits of the perimeter security paradigm and on-prem infrastructure in crisis situations

• • • |

The current Covid19 situation is exposing the limits that perimeter security and on-prem infrastructure can take organisations, and their people, in this critical time of #stayinghome.

Are you staying home? Considering the current Covid19 / Sars-Cov-2 / Corona situation, this is what we should all be doing, especially if you have white-collar office role and can have the ability to easily take your laptop home with you. #StayHome to #FlattenTheCurve.

See the chart here.

The Mercury News has designed an amazing interactive chart which documents and tracks the growth in coronavirus cases for China, the United States and six other countries. Unfortunately, it appears that many countries have to invest more effort in order to contain the internal outbreak.

While the containment efforts may be disrupted by contaminated residents returning home, “social distancing” may be one of the most effective measures to slow and starve the spread of infectious diseases with a high R0

See simulation here.

In cases where you have a positive PCR test result, many countries will enact a forced 14 day quarantine on you with strict penalties in case of non-compliance where countries like Singapore and Taiwan have achieved remarkable success. For the rest of us, we are likely to be working from home to do our part.


Are you working remotely from home right now?

In your effort to combat COVID-19 virus, you’re likely sitting on your couch in your underwear and booting up your Lenovo. You still have about 30 minutes until all of those new daily scheduled video calls and teleconferences to keep up with your colleagues.
The first emails pop into your Outlook. Your company migrated to Office 365 last year. You had some concerns about The Evil Cloud (™) back then, but it has been a big improvement in many ways (e.g. no more 150 MB limited mailbox sizes) and you got used to it. The call starts and you try to log on to Microsoft Teams, but nothing works as we exhausted the server.

The meeting organiser sends around alternative phone calls in detail. When you dial in, you just get a busy signal. Ok, call canceled for now… An email from your boss pops up to create today’s TPS reports in SAP until eob (whatever that means during remote work). The system is behind the company firewall, so you have to login via the VPN.

This might be a familiar picture now for many people who have suddenly shifted from on-premise work to virtual (Is that kind of like a “work cloud”?). VPN infrastructure might especially turn out to be the main bottleneck of our new home working reality.

Their capacity was originally planned to support only the typical number of people dialing in from the road or the few teleworkers. Now that everyone is trying it at the same time, you’re creating a kind of bank run on the limited resources.

Expanding this capacity is often not easy if you have to order additional user licenses. But it gets even worse, if you’re at the physical capacity limit. These devices are often still physical metal in the legacy data centers or even in your office building’s basement.

In such case, it is downright impossible to expand now in the short-term and with current supply chain disruptions, in the mid-term too (where do you think these boxes are manufactured?). It is one of those things, which can be replaced by cloud services, but this is a major project, if you haven’t even started.

But I have to ask: Why have you not started?

Google’s BeyondCorp Manifesto is already 5 years old. The path has been clear on where this needs to go, even in a normal mode of operations. The current extraordinary situation exacerbates the problems you already had to begin with.

My suggestion: Start Now.