Allowing your users administrative rights under their Windows desktop certainly makes their lives easier, but it can cause significant headaches for your sysadmins — and it also opens up a wide variety of vulnerabilities.
A recent study from security vendor Avecto found that 94% of critical vulnerabilities announced by Microsoft could be mitigated by simply removing administrative rights. These vulnerabilities range from phishing attacks that can hijack the system via applications like Microsoft Word to packets that are specially crafted to hit Windows Server. In most cases, they can be leveraged to remotely execute code and take control of the PC, potentially accessing sensitive data and applications deeper within the network.
Many modern workplaces allow users more leeway over the configuration of their workstations, as computer-savvy employees are often more productive when they have applications set up the way they want. But with shutting down admin rights proving to be a relatively easy and strong method of eliminating vulnerabilities, should you risk enabling them?
The answer is probably not... with some caveats.
While debt can be a useful tool for funding your organization (Green House Data is in fact currently leveraging debt as part of our expansion plans), you need to have a payment plan and carefully manage your debt in order to remain solvent. No business owner who wants to succeed would ignore debt and just hope it sorts itself out, or pay only the minimum required to avoid bankruptcy.
Technical debt shouldn’t be ignored, either. The term refers to the practice of putting off critical infrastructure or software upgrades. Out-of-date systems pile up — whether it’s your overall systems architecture, an aging switch that can’t handle new network speeds, or an application that only runs on 32-bit servers — and become a mess of band-aided solutions that are ready to fall apart at any moment.
Executives should take technical debt seriously. When your CTO or IT Manager tells you they need to focus budget and staff on reducing technical debt, it’s time to listen.
Juggling security in the cloud can seem like an insurmountable task, especially when hybrid cloud and multicloud environments come into play. While your cloud service provider (CSP) can help manage some layers of cloud security, you’ll still be left with management of at least your users and data, if not your application layer.
One way to help keep track of all the security vectors within your organization is to divide them into these ten zones of enterprise cloud security. Any cloud security policy should cover each of these areas. You can also assign a single engineer or administrator to have ownership over each zone.
Focusing on cloud initiatives as a technology problem rather than business realignment can be a major mistake. Success in the cloud comes from more than just telling your CTO that you want your systems on a cloud platform. It requires a shift in overall business strategy and clear messaging from leadership on down.
You need to identify your business goals and work backwards from there to figure out how specific cloud technologies can help solve them. This may involve the creation of a cloud team or adjusting your organization to be an agile, “DevOps” style operation.
Ultimately the core technologies your team will use in the cloud aren’t much different than the old model of IT (at least if you were already virtualized), but they do require a shift in your business model to better use the flexible resources available from cloud computing, or the development of a plan that boosts efficiency, reduces costs, and thereby improves your bottom line.
Here are a few tips to keep cloud strategy front of mind.
While the goal of most infosec professionals is ostensibly to prevent data breaches and security incidents, the daily headlines about major hacks prove that no one is completely safe. If — or perhaps we should say “when” — you are breached, one of the first steps is to perform digital forensics to help locate the attack vector, identify compromised systems, and tag any stolen data.
Cloud environments further complicate the digital forensics process, especially in an increasingly multi-cloud world, where multi-tenant hosting environments and hybrid IT infrastructure are more and more common.
Preparing a cloud forensics protocol can help your organization reduce the overall cost of a security investigation and disclosure, quickly figure out how the attacker gained access, restore system operations faster, and even garner discounts on any cyberinsurance you may have.