Tech Field Day

The Independent IT Influencer Event

  • Home
    • The Futurum Group
    • FAQ
    • Staff
  • Sponsors
    • Sponsor List
      • 2025 Sponsors
      • 2024 Sponsors
      • 2023 Sponsors
      • 2022 Sponsors
    • Sponsor Tech Field Day
    • Best of Tech Field Day
    • Results and Metrics
    • Preparing Your Presentation
      • Complete Presentation Guide
      • A Classic Tech Field Day Agenda
      • Field Day Room Setup
      • Presenting to Engineers
  • Delegates
    • Delegate List
      • 2025 Delegates
      • 2024 Delegates
      • 2023 Delegates
      • 2022 Delegates
      • 2021 Delegates
      • 2020 Delegates
      • 2019 Delegates
      • 2018 Delegates
    • Become a Field Day Delegate
    • What Delegates Should Know
  • Events
    • All Events
      • Upcoming
      • Past
    • Field Day
    • Field Day Extra
    • Field Day Exclusive
    • Field Day Experience
    • Field Day Live
    • Field Day Showcase
  • Topics
    • Tech Field Day
    • Cloud Field Day
    • Mobility Field Day
    • Networking Field Day
    • Security Field Day
    • Storage Field Day
  • News
    • Coverage
    • Event News
    • Podcast
  • When autocomplete results are available use up and down arrows to review and enter to go to the desired page. Touch device users, explore by touch or with swipe gestures.
You are here: Home / Videos / Security Field Day Delegate Roundtable: Enforcement

Security Field Day Delegate Roundtable: Enforcement

October 2, 2025 by



Security Field Day 14


This video is part of the appearance, “Security Field Day 14 Delegate Roundtable Discussion“. It was recorded as part of Security Field Day 14 at 11:30-12:00 on September 24, 2025.


Watch on YouTube
Watch on Vimeo

The presentation discusses the best places to enforce security policy, whether that’s on the endpoint, in the network, or in the cloud, while also exploring where security policy enforcement is headed and how it affects practitioners today. The delegates challenge the traditional default of placing enforcement in the network, but quickly acknowledge its necessity in specific situations. For environments with unmanaged devices, such as universities with student BYOD policies or enterprises with a proliferation of IoT devices like cameras and smart appliances, the network remains the only viable enforcement point. These scenarios highlight that a one-size-fits-all approach is impractical; the correct location for enforcement is heavily dependent on the context of the organization, the users, and the types of devices that need protection. The core challenge is applying effective policy without being able to install an agent or directly manage the endpoint.

As the discussion evolves, it addresses how the very structure of the enterprise network has fundamentally changed. The classic three-tier model of core, distribution, and access has been replaced by a modern equivalent for remote work: the cloud, the internet, and the employee’s home. This shift has eliminated the traditional network choke points where security policies were once enforced. In response to this new reality, the conversation shifts to Zero Trust as a necessary paradigm. Rather than defending a perimeter, Zero Trust treats every access request as a distinct transaction. It simplifies security to its core components—a consumer (like a user or service) attempting to access a resource—and mandates authentication for both sides of every interaction. This is a radical departure from simply funneling traffic through a firewall and underscores the need for a new way of thinking about security architecture.

Despite the conceptual advantages, the delegates recognize the immense difficulty of implementing a Zero Trust model in established “brownfield” environments. The primary obstacle is the requirement to understand and map every data flow and application interaction, a task that has historically been nearly impossible. A more pragmatic path forward is to adopt a “protect surface” strategy, applying Zero Trust principles to one critical application or dataset at a time and expanding from there. The roundtable concludes that while emerging technologies like AI may help in mapping these complex environments, they also introduce new risks and regulatory pressures. Ultimately, the key takeaway is that no enforcement strategy—whether it’s network-based, endpoint-based, or Zero Trust—can succeed without first achieving a comprehensive and accurate understanding of the environment being protected.

Personnel: Tom Hollingsworth

  • Bluesky
  • LinkedIn
  • Mastodon
  • RSS
  • Twitter
  • YouTube

Event Calendar

  • Oct 9-Oct 9 — Tech Field Day Exclusive with Microsoft Security
  • Oct 15-Oct 15 — Tech Field Day Experience at NetApp INSIGHT 2025
  • Oct 22-Oct 23 — Cloud Field Day 24
  • Oct 29-Oct 30 — AI Field Day 7
  • Nov 5-Nov 6 — Networking Field Day 39
  • Nov 11-Nov 12 — Tech Field Day at KubeCon North America 2025
  • Jan 28-Jan 29 — AI Infrastructure Field Day 4
  • Apr 29-Apr 30 — Security Field Day 15

Latest Coverage

  • Hammerspace and the Open Flash Platform at #AIIFD3
  • How Mainframe Observability Bridges Legacy and Modern Systems
  • Share Cleveland 25 Took Mainframe to the Next Level
  • PopUp Mainframe: The Key to Faster, Cheaper, and Better Mainframe DevOps
  • Using Agentic AI to Assist Resilience with Opengear

Tech Field Day News

  • The Latest in Cybersecurity Innovation at Security Field Day 14
  • Pushing the Boundaries of AI Performance, Scale, and Innovation at AI Infrastructure Field Day 3

Return to top of page

Copyright © 2025 · Genesis Framework · WordPress · Log in