Traditionally, information security has been based on strict dividing lines. Companies wanted to allow only their employees access to important resources and keep everyone else away. Network perimeter security products, such as firewalls, became popular because they established a clear demilitarized zones between insiders and outsiders.

As business moved to the Internet, deciphering the sightlines as to whom should have access to corporate resources has become blurry, and in some case indecipherable. "The corporate network perimeter has had more holes punched in it than a slice of Swiss cheese," says Paul Simmonds, global information security director at ICI, a paints, adhesives and specialty products supplier in the U.K. Simmonds is also the founder of the Jericho Forum, a user-based group preaching de-perimeterization.