Put Your Trust in the Stack
This blog was originally published by Entrust here.
Written by Wayne Lewandowski, Vice President of Sales, Entrust Data Protection Solutions.
Breaches, infiltration, exfiltration, compromised privileges, and interrupted access to critical systems are all parts of a well-written espionage movie, or the outline of a recent cyber-crime successfully executed. You probably have already figured out that this is not an article promoting the next blockbuster from Hollywood.
We are all exposed to a deluge of solutions that can meet the need to block, identify, inform, and neutralize an attack by a bad actor. The question for CIOs and CISOs is what to do next? If you are taking a layered approach to your security, are you covered? Do you really need to expand your investment, or are you truly protected?
As with many things in life, there is not a single answer, nor am I proposing one. While securing the organization involves many elements, all too often one area is forgotten: protecting the critical infrastructure stack with a least privileged access approach.
In other words – secure the stack, not the people.
This is a different paradigm. Rather than blocking bad actors from breaching the network perimeter, this approach is about securing the virtual infrastructure to ensure that only enough privilege is provided to those administering the environment as necessary. We use the analogy of an armored truck team to describe the least privileged model. The armored truck team locks and secures assets that need to be transported and available. Once the assets are locked in the truck, only the driver is permitted to unlock the secure area from the truck’s cab; and only the ‘hopper’ in the passenger seat can retrieve the secured assets for delivery.
Securing the stack versus the people is doing just that. Through a set of controls, the administrators of your virtual infrastructure can ensure that the software-defined data center (SDDC) — in VMware or Containers — is properly maintained and serviced. Nonessential or critical change tasks are not authorized or need additional approval. For example, a task that could impact availability of infrastructure could be eliminated by maliciously or negligently by, deleting or moving critical infrastructure outside a monitored and controlled environment. Another example can be not taking specific actions to allow or restrict the availability of resources that result in non-compliance.
These changes can be based on whether the data is in the data center or the cloud, which systems are being requested, or even the day or time. By defining these rules, the risk of insider theft or misuse, or credentials being compromised, is minimized to what was necessary to allow least privilege access. Along with securing data via enterprise-scale key management and encryption, this becomes a powerful way to protect data and systems from falling prey to a compromise that affects the virtual infrastructure. The result is a dramatic reduction in the risk of non-compliance and unexpected actions, unexpected outages, and vulnerabilities of the workloads.
There is much to consider when looking to mitigate risk and protect the organization from exploits. Don’t make the mistake of thinking that critical infrastructure isn’t susceptible to insider threats or human error. Trust your team but verify the infrastructure that serves your constituents.
Always remember to Secure the Stack!
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.