BSides Toronto 2020

Redefining the Security Perimeter for the remote workforce
2020-10-17, 13:00–13:20, Twitch

Attendees will learn about the prevalence of identity based attacks, the history and current state of Zero Trust and how they can protect their users by applying modern security principles around their identities and data. Topics covered in this session are especially important as more organizations have shifted to a work from home model due to the recent Covid-19 pandemic

Digital transformation, the cloud and working remotely have made the traditional perimeter-based network defense obsolete. In these unprecedented times, forcing remote users through internal Network infrastructure creates performance bottlenecks and often does more harm than good. Strong Information Security teams operate with an “assume breach” mentality making a VPN connection no longer enough to assure secure access of apps and data. Enter the Zero-Trust security model. With the proliferation of SaaS applications, mobile devices and cloud services, the security perimeter has been redefined. “Never Trust, Always Verify” is the new mantra in which just enough access is granted to strongly authenticated identities on secure, compliant devices in verified locations. These modern security concepts are what makes Identity and Access Management so important, and why identity must be recognized as a modern security perimeter.

Jon Rohrich is a Security & Compliance Technical Specialist at Microsoft Canada with a focus primarily on Identity, Device, Threat, and Information Management. Jon has 8 years’ experience advising IT & Information Security executives from a strategic capacity, at customers across a breadth of industries such as financial services, healthcare, legal, government and more. Jon helps businesses keep pace with the rapidly changing security and threat landscape. Jon holds an array of technical and Security certifications including the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Jon is a Canadian Forces Veteran having served 5 years as an Infantry Soldier and LAV III Gunner in the 1st Battalion, Royal Canadian Regiment prior to pursuing a career in Information Security.