I’m one of the harshest critics of “lift and shifters” - old school net ops people who get one certificates by watching an ACloudGuru video, duplicate their on prem infrastructure and processes to the cloud and don’t go all in on the advantages of it and end up costing their clients more - but nowhere is it considered “legacy” to not use perimeter security.

Honest question: what, in you opinion, is the state-of-the-art approach? Something like BeyondCorp?

I think zero-trust goes into a good direction.

https://www.securityroundtable.org/zero-trust-approach-can-m...