© All rights reserved.
nok nok nok nok
  • Solutions
    • Passwordless Authentication
    • Passkeys
    • Secure Payments
    • Compliance
    • Professional Services
  • Industries
    • Government
    • E-Commerce
    • Financial Services
    • Mobile Network Operators
  • Products
    • Authentication Cloud
    • S3 Suite
    • IoT SDK
  • Resources
    • Demo
    • White Papers
    • Videos
    • Testimonials
  • Company
    • About
    • Team
    • Partners
    • Clients
    • Events
    • News
    • Blog
    • Contact Us
    • Support
Free Trial
Sign In
nok nok
Home / Cybersecurity / The Secure Perimeter is Gone

The Secure Perimeter is Gone

  • Author
    Nok Nok News
  • Published
    17 Oct 2020
  • 0 comments
    Join Conversation
Cybersecurity
Old computer room

We have an opportunity. This year has radically accelerated a fundamental shift that has been going on for quite some time. A core component of our security architecture has been eliminated. 
The “secure perimeter” – an antiquated concept from the days when computers took up an entire room – has all but vanished. “Security”, in those days, was defined by who could physically enter the room. Logical and physical security was centralized. When workstations became commonplace, the secure perimeter was built around the end-point.  Every evolution of computing technology has tried to recreate the physical perimeter in one way or another. But the reliance on “end-point mentality” is fundamentally flawed. After all, end-points can be mimicked, spoofed, and intercepted. As long as we have tried to reinforce this antiquated model, we have missed the mark. The perimeter has continued to vanish over time. 

More and more devices have been deployed, which has created more and more complexity. At the same time, we continue to see more and more data breaches, more and more lost data, more customer confusion, more regulation, more friction and more problems — all of these issues can be traced to the breakdown of the “secure perimeter”. 

Genius has been deployed in inventing and distributing computers whose capabilities vastly outstrip the greatest dreams of our predecessors. But just as the internal components of these computers have evolved with the times, so too do the components of our security architecture need an evolution. Not only has the concept of the “secure perimeter” failed consistently, the concept itself limits what we can do with these new devices if we think differently about them.  

Think Diffferent

In 1997, Steve Jobs challenged us to “Think Different” – we now have the opportunity to think big, think new, think different about how we solve for the vanished perimeter.

2020 is the year that everything changed. Over the last 30 years, there has been a slow, cultural shift breaking down the fortifications of the secure perimeter. Telecommuting, work-from-home, “Bring-Your-Own-Device” and other movements have slowly been eroding the cornerstones of these fortifications. However, while we have had the capability to be a fully remote workforce, it wasn’t until the COVID-19 lockdown started in March that the movement became a stampede, which became an avalanche, which rolled over our concept of a secure perimeter and forced us to reconsider this outmoded concept.

This is a catalyzing moment. One that we can take advantage of to not only fix faulty assumptions, but augment our architecture in such a way as to provide access that our customers, partners and employees never imagined. After all, could you imagine what the world would be like without walls? Imagine feeling safe, secure, protected without needing a fortification.

CAM


As a business executive who was part of the first National Cybersecurity Awareness Month, I will grant that this concept seems terrifying. I share the responsibilities many of you have. I share the responsibility to protect customer data, to guard partner resources, I absolutely need to guard our intellectual property, to ensure that we retain our competitive edge, generating revenue and providing for my employees’ livelihoods. There are regulatory and industry considerations that I, like you, need to take into account. We are all governed by a complex set of risk signals including customer satisfaction, employee needs and more. Doing something “new and visionary” may make for a good sound bite, but sometimes the inertia of the status quo leads to fear-based decisions. 

Many fear-based decisions can lead you down the wrong path and eliminate opportun paths and options. 

When I had the privilege of running PGP, we had a discussion with a major bank. We were talking about encryption and – at the time – encryption was very siloed. At a meeting involving security architects and Line of Business owners, one of my architects asked, “How would your business be different if all of your data was encrypted automatically?”

The Line of Business people said, “Well, that’s preposterous. That’s too hard to do. There are system level changes… and… and… and…”

The bank’s security architect chimed in, “No. We never started with that to begin with. That would dramatically change how we did our business.”

The architecture guys could see that, if they encrypted everything, they could do things more fluidly, with less overhead, less friction. But the Line of Business team didn’t realize the potential and there ensued a disagreement around the table. 

There is an effect that status quo inertia has on business. 

That was a seminal moment for me. I saw the rut. I saw the effect that status quo inertia could have on business decisions. 

As the head of Nok Nok, as someone who was part of the group that proposed what is now the FIDO standard – the standard that was designed from the very beginning to eliminate phishing and account take-over, to eliminate credential stuffing and reduce your attack vectors – as a person who was involved in that, I have seen the same arguments enter this discussion where the people around the table want to solve the problem incrementally and not holistically. Because of that, arguments over budgets, over roles and responsibilities, over a variety of things end up stalling or eliminating changes that could be beneficial. 

There are industry groups that realize that, as much as we have advanced technologies from the days of the mainframe, we have also introduced tremendous risk. This is the 17th year we have emphasized awareness of cybersecurity. But we are still talking about “secure perimeters”. We are still talking about things that are 50, 60 years old. I do not suggest that we wipe the slate clean. I do suggest that we stop solving these problems incrementally, that we start solving them holistically. 

We need to think different. We need to think holistic. 

In the end, we really just have people and devices walking around looking for services. This pandemic has caused a massive explosion in that behavior. People were used to coming and getting services from an office or a building – that entire paradigm has had to be re-thought. While we are re-thinking that, why don’t we take some of the good parts that do work and take some new things, new ideas about what could work and make a better future. 

Nok Nok News
  • Cybersecurity is a Personal Responsibility
    Previous PostCybersecurity is a Personal Responsibility
  • Next PostDeath Due to Cyber Attack Has to be a Wake-up Call
    Death Due to Cyber Attack Has to be a Wake-up Call
  • Cybersecurity is a Personal Responsibility
    Death Due to Cyber Attack Has to be a Wake-up Call

Related Posts

AI Brings Need for Robust Security
Cybersecurity

AI Brings Need for Robust Security

E-Commerce Channels Get Better Security
Cybersecurity E-Commerce

E-Commerce Channels Get Better Security

Leave a Reply (Cancel reply)

Your email address will not be published. Required fields are marked *

*
*

Contact Us

Nok Nok, Inc.
2890 Zanker Rd #203
San Jose, CA 95134

(650) 433-1300

[email protected]

Get Google Maps Directions
footer-logo
fido

Latest Posts

  • Nok Nok: Making Mobile Banking More Secure and Convenient
  • Test Drive the Nok Nok Passkey Authentication Solution
  • Nok Nok at the White House
  • Most Organizations Still Using Phishable Multifactor Auth

Navigation

  • Subscribe
  • Resources
  • Careers
  • Support

Nok Nok Labs, Nok Nok, and NNL are all trademarks of Nok Nok Labs, Inc. © 2023 Nok Nok Labs, Inc.
FIDO is a trademark of the Fast IDentity Online, (FIDO), Alliance. All rights reserved.
Terms Of Use and Privacy Policy

About Us

Founded in Silicon Valey in 2011, Nok Nok is the trusted leader in frictionless, passwordless consumer authentication for the world’s largest organizations.

Recent posts

Nok Nok: Making Mobile Banking More Secure and Convenient

Nok Nok: Making Mobile Banking More Secure and Convenient

19 September 2023
0
74
The Mobile Banking Revolution Affords Freedom Mobile banking has become an integral part...
Test Drive the Nok Nok Passkey Authentication Solution

Test Drive the Nok Nok Passkey Authentication Solution

17 August 2023
0
240
Before you buy a new car, you test drive it. Sometimes you test...
Demo
Free Trial
Videos
Contact Us
Support

Contact Us: (650) 433-1300 • [email protected]

Copy
MUFG-800×600

“Transactions using mobile devices are rapidly spreading and it is essential to support both usability and security. By combining Hitachi’s abundant system development capabilities and know-how in the financial system and security related fields, and Nok Nok’s globally deployed and proven FIDO certified products, we achieved this compatibility, which led to this adoption.”

– Mr. Nobuo Nagaarashi, General Manager, Financial Information Systems 1st Division, Hitachi, Ltd.

 

The M in MUFG stands for Mitsubishi, which is a combination of the words mitsu and hishi. Mitsu means three. Hishi means water chestnut, and the word denotes a rhombus or diamond shape.  In partnership with Hitachi, MUFG has enabled passwordless authentication solutions across many of the bank’s apps and services.

Coverage In The Paypers
Coverage In Finextra
intuit

“As an early adopter of FIDO, we’ve seen significant business benefits and are completely on board with continuing to leverage the latest FIDO innovations with our partner, Nok Nok.”

– Rakan Khalid, Group Product Manager, Identity.

 

Intuit has delivered passwordless authentication across mobile applications and devices using Nok Nok’s S3 Suite. The results have reduced customer friction in their Intuit application experience.

Read The Nok Nok Intuit Case Study
Watch the FIDO Alliance Webinar: The Right Mix
Watch Marcio Mello discuss Intuit’s Nok Nok implementation at Identiverse 2019:
docomo-800×600

“DOCOMO is a worldwide innovator in providing its millions of customers with simple and strong authentication backed by a standards-based approach.”

– Phillip Dunkelberger, President & CEO of Nok Nok Labs.

 

As one of Nok Nok’s earliest customers, NTT DOCOMO became the first carrier to offer a billing system that is enabled by FIDO, the first to offer a federated Identity system integrated FIDO, and was the first to offer a mobile device that authenticates via the iris biometric modality.

Coverage In Find Biometrics
Coverage In Telecompaper
bbva-800×600-2

“Traditionally, one of the biggest challenges of authentication systems has been to balance security with user experience. Due to the FIDO standard, we are confident that both elements work together seamlessly to provide customers with the highest security standards, along with a transparent and agile user experience.”

– Juan Francisco Losa, Global Technology & Information Security Officer.

Nok Nok partnered with banking leader, BBVA to improve the security and user experience of the bank’s mobile banking services through state-of-the-art biometric capabilities.

Coverage In American Banker
Coverage In Planet Biometrics
Softbank-800×600-1

“We can no longer rely on passwords for our financial or other sensitive transactions as they are weak, forgotten and easily hacked. We are very pleased with SoftBank’s decision to choose our standards-based authentication platform for their millions of customers.”

– Phillip Dunkelberger, President & CEO of Nok Nok Labs.

 

Millions of SoftBank’s mobile subscribers now have the ability to use biometrics for authentication through the mobile application “My SoftBank Plus”. With this implementation, SoftBank’s mobile users access data with the My SoftBank service using biometrics for a frictionless, simple and fast authentication experience.

Coverage In Mobile ID World
Coverage In Planet Biometrics
Coverage In The Paypers
Aflac-Japan-800×600-1

“Aflac is the first Japanese insurance provider to deploy a FIDO-certified solution, and we would like to continue collaborating with Nok Nok Labs to introduce it to banks, insurance industry and other industries.”

– Michihiko Ejiri, VP, Head of Portal Service Division, Service Technology Unit, Fujitsu Limited.

With the Nok Nok S3 Suite, Fujitsu has provided Aflac customers with strong authentication to their mobile claims payment application using any biometrics on their iOS and Android devices. The solution also provides Aflac and their customers with a scalable method to authenticate users that is interoperable with their existing security environments and reduces or eliminates the reliance on usernames and passwords.

Coverage In Find Biometrics
Coverage In Find Authority
lichtenstein-800×600-1

“For our customers, we only use the most secure products on the market that meet their requirements. Nok Nok perfectly aligns within our product portfolio and we are proud of the very trusted partnership.”

– Lukas Praml, CEO of YOUNIQX.

 

YOUNIQX Identity AG, the award-winning subsidiary of the Austrian State Printing House (OeSD) and Nok Nok partnered to deliver a electronic identity system (eID) for the citizens of the country of Liechtenstein.  This deployment represents the first time that Nok Nok’s FIDO platform has been used to deliver an eID.

FUN FACT
As of 2009 Liechtenstein’s per capita income was $139,100, the highest of any country in the world.

Learn How FIDO Supports EIDAS Regulation
Coverage In Mobile ID World
Coverage In The Paypers
Coverage In Biometric Update
Gallagher-800×600-1

“Nok Nok’s state-of-the-art, standards-based platform will deliver a tremendous user experience,”

– Steve Bell, Chief Technology Officer at Gallagher

When a horse called Joe took too much of a liking to using a car as a scratching post, owner Bill Gallagher Sr. devised a cunning electrical circuit that delivered a shock whenever the horse rocked the vehicle, and in doing so created a company.  Today, with passwordless authentication from Nok Nok, Gallagher is leading the IoT industry with innovative solutions that work in your office and in the outback.

Coverage In Biometric Update
Coverage In Mobile ID World
Coverage In Planet Biometrics
tmobile-800×600-1

“Our Forgot Password flows were running at about 65%. After we rolled out FIDO by Nok Nok, our forgot passwords dropped to 7%.”

Michael Engan, T-Mobile

 

Using the Nok Nok S3 Suite, T-Mobile has become a leader in carrier adoption of passwordless authentication. Their solutions have reduced forgotten passwords and dramatically improved customer satisfaction.

Watch Michael Engan from T-Mobile talk about their implementation of Nok Nok’s S3 Authentication Suite at Identiverse 2019.

We use cookies on this website to improve functionality and performance, analyze traffic to the website, and enable social media features.  To learn more, please see Cookies in the Privacy Policy. Please click ACCEPT to agree to these terms.

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

3rd Party Cookies

This website uses Google Analytics and other services to collect anonymous information such as the number of visitors to the website and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Additional Cookies

This website uses the following additional cookies:

(List the cookies that you are using on the website here.)

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Cookie Policy

More information about our Cookie Policy

  • 日本語