Managing ‘Trust’ is critical in a distributed IT environment
Feb, 17 2020 | Trusted Privileges, DevOps
Gone are the days when the core of IT security was confined to data centers. The focus of IT security officials is no longer limited to securing database servers from unauthorized access and monitoring network administrators and their activities. Modern IT environments lean towards advanced technologies that are more complex in nature and have multiple set-ups.
Let us discuss a few use case scenarios which show that modern IT infrastructure is getting more complex every day, and that managing ‘trusted privileges’ is getting even more complex.
Risks arising from multiple datacenter environments: It is a massive challenge for IT administrators to monitor hundreds or thousands of privileged identities in multiple data centers located in multiple geographies. As organizations keep increasing the number of data centers, the number of privileged identities needed to access and manage the huge amounts of data in them rises exponentially. More and more of the workforce is accessing data remotely and through DMZ zones. When the IT security team creates identities for several users, it is in effect placing the ‘trust’ in ‘trusted privileges’ for managing and accessing confidential information. However, it is very rare to find an IT ecosystem without any spoiled child. Malicious corporate insiders are one of the biggest threats to classified information. Therefore, can we “trust” each and every user in the distributed network? How can we ensure that all the privileged users in this distributed environment are trustworthy?
The threat surface is wide in Managed Service Provider (MSP) environments: A giant Managed Service Provider (MSP) was in IT news headlines at the beginning of 2019 because it was used for attacks targeting almost a dozen of its customers. For context, an MSP is a cost-effective alternative for an organization: it takes over operational workloads, including storing and processing data. Migrating data to managed service environments means relinquishing control of enterprise data. Hundreds of ‘trusted privileges’ manage enterprise data in a third-party environment. Hence, the trust factor of MSPs is extremely crucial, since they shoulder the responsibility for the security of the organization’s IT infra, including the privileged credentials that are the gateway to confidential information. How can organizations ensure “trust” when there is third-party access in the network? Who is accessing data? Why was the data accessed? When was it accessed? These are some of the questions that should be borne in mind.
Managing privileged accounts in the IaaS plane could be a challenge: A key government department in one of the South American nations fell victim to a data breach last year, compromising 93 million personal records of registered users. The data was lost due to poorly configured databases stored in an unsecured, illegally hosted cloud server. Today, hosted environments like cloud platforms are increasingly targeted by organized cybercriminals. Since IT heads nowadays prefer to migrate data assets to IaaS platforms and store them there to maintain operational efficiency, cybercriminals increasingly eye privileged accounts, because these provide administrative access to applications, secrets (scripts, code, containers, executable deployments), virtual instances, etc. It’s a shared responsibility between the IaaS provider and the vendor to ensure that privileged access to target systems is authorized and validated with the help of MFA, including adaptive authentication, to maintain digital trust.
The bottom line:
Modern enterprise IT infra is highly distributed and scattered, which makes managing privileged identities a humongous challenge. An enterprise can lose digital trust if access mechanisms such as authentication, authorization, restriction, and just-in-time elevation to privileged accounts are not up to the mark.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables monitoring of end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.