Firewalls no longer useful, data and access control future

Gazing into his crystal ball, Mark Lewis, president of content management and archiving division at EMC said during his visit to Sydney this week that security will ultimately come down to the protection of data, no matter where it resides.

"It won’t be about anti-virus and firewalls as much as it will be about identity access management. Security will become less and less about the infrastructure and more about the data itself," he said.

Core reasons behind this shift are plenty, however one that stands out for Lewis is the growing mobile workforce. According to IDC, mobile data services will grow by more than 50 percent in 2008, and mobile e-mail will continue to be "the shining star".

“Laptops and mobile computing don’t have such a thing as a firewall," Lewis said. "I want to be able to put data on the laptop but I obviously want to have it secure when it’s there."

Meanwhile, Lewis added that employee access to sensitive data needs to be limited. "Firewalls keep the outsiders out, however it’s been proven that half the bad guys that take data actually work within the company. They’re already allowed in the firewalls,” he said.

Just last month, Jerome Kerviel an employee of French bank Société Générale allegedly stole co-worker access codes and set up false accounts for trading purposes. The bank eventually lost US$7 billion.

According to Patrik Bihammar senior analyst at IDC, the shift could be blamed on the changing attack vector. Attackers are increasingly driven by financial gain, rather than simply wreaking havoc by bringing down systems," said Bihammar in a statement.

Additonally, Lewis said EMC is also seeing an incredible economic drive around compliance, another reason why data and identity security are on the increase.

access control data security firewall emc firewalls no longer infrastructure security security