Training to increase employees’ security awareness and change risky behaviours among end users is important, particularly as the future workplace will be hybrid and many professionals will still be working remotely. After all, you don’t want your employees to be the “soft underbelly” that hackers, criminals, or other bad actors can easily target.
While end-user education and awareness play a crucial role, they are only a partial defense. There’s another group of people that companies should be focusing on, and that’s the people in charge of maintaining the IT infrastructure and network.
A strong case can be made that shoring up defenses requires “automating out” the weakest link – i.e., humans – from any cloud that companies are entrusting with their data. This applies to their internal, on-premises clouds as well as to the external cloud vendors that they choose to engage with.
In “automating out the weak link,” the ability of superusers or IT administrators – or of bad actors who have gained access to valid admin credentials – to manually interfere with sensitive data becomes non-existent, because human interaction is eliminated.
Trust no one
The zero-trust model, which has gained favor in recent years among many cloud vendors, serves as a starting point for making this happen.
The zero-trust security framework challenges the idea of trust in any form, whether that’s trust of networks, trust between host and applications, or even trust of superusers or administrators. The best way to secure a network, according to the zero-trust framework, is to assume absolutely no level of trust.
While this is a laudable goal, zero trust can only be achieved if zero touch is a foundational element. This approach centers around ensuring that nobody – not even the small number of trusted resources that most cloud vendors typically allow for – is provided with access to the customer data.
Automation reduces risk
New forms of automation help take the human out of the equation, creating a zero-touch environment.
For example, suppose a customer wanted the cloud vendor to collect information on some of their data. In a traditional environment – even a zero-trust environment – that task would typically involve a human.
In a zero-touch environment, the cloud vendor has no direct access to the data. They’d need to create some kind of app that could be pushed into the production environment to collect the information from the servers in a secure automated fashion, with no human, hands-on involvement with the sensitive data. In other words, they’d need to write code and deploy the changes as code instead of manually doing it via direct shell access to servers and systems.
Automation can also assist in making zero touch a reality in more commonplace scenarios like patching, which has typically relied on having people physically access the servers and deploy patches.
Contrast that with a zero-touch approach that incorporates automation into the company’s threat and vulnerability management program. In this approach, the company is acting based on scans that are performed autonomously rather than through the “old school” way of having a real person go into the servers, deploy the patch, initiate the shutdown, and initiate the restart.
Instead, automation will actually build that patch component into the container as it’s required and ensure that the baseline is covered from a vulnerability perspective. This automated approach is a way for companies to get smart about how they scan their resources, discover what’s missing or what needs to be patched, and then automate that process of deployment.
This automation also solves one of the classic problems of a non-zero-touch/zero-trust model, which is that companies generally provision overly broad access to their administrators. If you’ve removed all of the human admins from the system and have essentially given responsibility over to the machine, you’re able to easily monitor for variances or non-compliance, because you’ve defined that baseline of what’s actually permitted and what isn’t.
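The baseline monitoring described above, as an added example that is not part of the original article: a check that compares audit records against a defined automation baseline and reports every variance, including any hands-on access. The principal names, action names, log schema and `change_id` field are all assumptions made for illustration, and the log lines are constructed.

```python
import json

# Hypothetical zero-touch baseline: only automation principals may act in
# production, each limited to the actions listed here.
BASELINE = {
    "svc-patch-pipeline": {"image.build", "image.deploy", "service.restart"},
    "svc-vuln-scanner": {"host.scan"},
    "svc-data-collector": {"metrics.export"},
}
# Actions that imply hands-on access; never permitted under zero touch.
INTERACTIVE = {"ssh.login", "shell.exec", "console.attach"}
# State-changing actions must trace back to a change deployed as code.
REQUIRES_CHANGE_ID = {"image.build", "image.deploy", "service.restart"}

# Constructed sample audit records (JSON lines); the schema is an assumption.
SAMPLE_LOG = """\
{"principal": "svc-patch-pipeline", "kind": "service", "action": "image.deploy", "change_id": "CHG-1001"}
{"principal": "svc-vuln-scanner", "kind": "service", "action": "host.scan", "change_id": null}
{"principal": "alice.admin", "kind": "human", "action": "ssh.login", "change_id": null}
{"principal": "svc-data-collector", "kind": "service", "action": "db.dump", "change_id": "CHG-1002"}
{"principal": "svc-patch-pipeline", "kind": "service", "action": "service.restart", "change_id": null}
"""

def find_variances(log_text):
    """Return (line_no, principal, reason) for every event outside the baseline."""
    findings = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        if not raw.strip():
            continue
        try:
            ev = json.loads(raw)
            who, action = ev.get("principal", "?"), ev.get("action", "?")
        except (json.JSONDecodeError, AttributeError):
            # Malformed or non-object records are findings, not silently skipped.
            findings.append((line_no, "?", "unparseable record"))
            continue
        if ev.get("kind") != "service" or who not in BASELINE:
            findings.append((line_no, who, "principal not in automation baseline"))
        elif action not in BASELINE[who]:
            findings.append((line_no, who, f"action {action} not permitted"))
        elif action in REQUIRES_CHANGE_ID and not ev.get("change_id"):
            findings.append((line_no, who, "change made without change_id"))
        if action in INTERACTIVE:
            findings.append((line_no, who, "interactive access"))
    return findings

if __name__ == "__main__":
    for finding in find_variances(SAMPLE_LOG):
        print(finding)
```

Because the baseline is an allowlist, anything not explicitly permitted is reported, which includes a valid service account performing an action outside its role.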
Address the soft underbelly wherever it exists
Wherever there are humans, there is vulnerability. End users are only one part of the picture. By focusing on automating human interaction out of most aspects of their network and IT infrastructure through a zero-touch approach, companies can ensure they are achieving the highest levels of security for their sensitive data.
from Help Net Security https://ift.tt/3gYP8Bz