Preventing Good People From Doing Bad Things
Best Practices for Cloud Security
Brian Anderson, Chief Marketing Officer
& Author of “Preventing Good People From Doing Bad Things”
Public, Private and Hybrid Cloud Computing Security
• For infrastructure, end points, data and applications
• Across physical, virtual, public, private and hybrid cloud environments
• Empower IT governance to strengthen security, improve productivity, drive compliance and reduce expense
Vision: Securing the Perimeter Within
Consistent policy-driven, role-based access control, fine-grained privilege delegation, logging, monitoring and reporting across:
• Server & Desktop, Physical & Virtualization (Windows, Linux, Unix)
• Network Device Security
• Data Security & Leak Prevention
• Governance, Risk & Compliance
The Problem is Broad and Deep
• The threat from attacks is a statistical certainty and businesses of every type and size are vulnerable.
• Organizations are experiencing multiple breaches: 59 percent had two or more breaches in the past 12 months.
• Only 11 percent of companies know the source of all network security breaches.
Privileges are Misused in Different Ways
• Insider attacks cost an average of $2.7 million per attack [1]
• Desktop configuration errors cost companies $120 per PC per year [2]
• Virtual sprawl and malware are ever-present realities
Source [1]: Computer Security Institute and FBI Survey.
Source [2]: IDC Report: The Relationship between IT Labor Costs and Best Practices for Identity and Access Management with Active
Insider vs Outsider Threats
• 48% of all data breaches were caused by insiders (+26%) [1]
• 48% involved privilege misuse (+26%) [1]
• 98% of all data breached came from servers [1]
“Organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.” ~ Mark Diodati, Burton/Gartner Group
External threat controls: Anti-Virus, Firewalls, E-mail Security, Web Security
Internal threat controls: Data Security & Leak Prevention, Privileged Identity Management, Intrusion Detection & Prevention
Source [1]: “2010 Data Breach Investigations Report” by Verizon with US Secret Service
BeyondTrust
End Point Vulnerabilities in a SaaS World
• Social Engineering
• Malware
• Password Attacks
• File Infections
• Malicious Users
Best Practice For Cloud Security: Employ a Full Suite of End Point Security Tools
Requirements:
• Anti-Virus
• Patch Management
• Privilege Elevation
• End Point DLP
Impact of Virtualization and Cloud Computing
Cloud Computing Reality – Public, Hybrid or Private
• Increasing scale – from thousands to tens of thousands of servers
• Increasing complexity makes configuration and change management challenging – complex directory structures are a major pain point
• Reliability is critical to realizing operational improvement
Best Practice For Cloud Security: Full Life-Cycle Control of Privileged Users
Requirements:
• Account for all privileged users
• Manage provisioning and de-provisioning of privileged credentials
• Implement a “least privilege” based control system
• Monitor and reconcile privileged activity
• Maintain a high quality audit repository
• Automate compliance reporting
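The first, second and fourth requirements above come down to one recurring check: does the privileged activity actually observed on the servers match the provisioning record? The following is an added example, not from the slides or any BeyondTrust product; the inventory layout, the event-record layout and all sample data are constructed for illustration. It flags three conditions an auditor would want on a compliance report: activity by an account nobody provisioned, activity by an account after its de-provisioning date, and provisioned accounts that have gone unused long enough to be candidates for removal.

```python
"""Reconcile observed privileged activity against the provisioning record.

Added illustration (not the page's or a vendor's code). The inventory and
event formats are assumptions of this example; the data is constructed.
"""
from datetime import datetime, timedelta

# Assumed provisioning record: account -> owner and de-provisioning date (or None).
INVENTORY = {
    "alice": {"owner": "A. Smith", "deprovisioned": None},
    "bob":   {"owner": "B. Jones", "deprovisioned": None},
    "carol": {"owner": "C. Lee",   "deprovisioned": "2010-09-30"},
}

# Constructed event-log records, one per accepted privileged task.
EVENTS = [
    {"ts": "2010-10-01T08:12:00", "user": "alice", "host": "db-01",
     "command": "/sbin/service postgresql restart"},
    {"ts": "2010-10-01T09:40:00", "user": "carol", "host": "db-01",
     "command": "/bin/bash"},
    {"ts": "2010-10-02T22:05:00", "user": "svc-backup", "host": "app-03",
     "command": "/usr/bin/rsync -a /data /backup"},
]


def reconcile(inventory, events, as_of, dormant_after=timedelta(days=30)):
    """Return sorted findings as (finding, account, host, command) tuples.

    unknown_privileged_user     - activity by an account absent from the inventory
    deprovisioned_still_active  - activity on or after the account's removal date
    dormant_privileged_account  - a live account with no activity within dormant_after
    """
    as_of = datetime.fromisoformat(as_of)
    last_seen = {}
    findings = []
    for e in events:
        ts = datetime.fromisoformat(e["ts"])
        last_seen[e["user"]] = max(ts, last_seen.get(e["user"], ts))
        rec = inventory.get(e["user"])
        if rec is None:
            findings.append(("unknown_privileged_user", e["user"], e["host"], e["command"]))
        elif rec["deprovisioned"] and datetime.fromisoformat(rec["deprovisioned"]) <= ts:
            findings.append(("deprovisioned_still_active", e["user"], e["host"], e["command"]))
    for user, rec in inventory.items():
        if rec["deprovisioned"]:
            continue  # already removed; only its lingering activity matters, handled above
        seen = last_seen.get(user)
        if seen is None or as_of - seen > dormant_after:
            findings.append(("dormant_privileged_account", user, "", ""))
    return sorted(findings)


if __name__ == "__main__":
    for finding in reconcile(INVENTORY, EVENTS, "2010-10-31T00:00:00"):
        print(*finding, sep="\t")
```

The dormancy window is deliberately a parameter: a 30-day default suits interactive administrators, while service accounts that legitimately run monthly jobs need a longer one, otherwise the report fills with noise and the real orphans get ignored.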
Impact of Virtualization and Cloud Computing
Customer Requirements For Enterprise Grade Cloud Security
• Scalable, enterprise grade fabric
• Seamless integrations with on-premise and cloud directories
• Allow admins to manage policies, not infrastructure
• Dynamically react to changes in the virtual environment
• Quantifiable performance metrics of how it is performing
How Least Privilege Works (Task Delegation / Privilege Escalation)
1. A privileged user on the submit host runs pbrun to request a privileged task.
2. The master host (pbmasterd) evaluates the request against its policy files and returns Accepted or Rejected.
3. An accepted task runs on the run host (pblocald).
4. Event logs and I/O logs are sent to the log host (pblogd).
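The four-step flow above separates the host that asks (submit), the host that decides (master), the host that executes (run) and the host that remembers (log). The following is an added example that models that separation in Python; it is not BeyondTrust code, and the policy rule format, the HMAC-signed decision token handed from master to run host, and the log record layout are assumptions made for illustration. The point it adds to the diagram is why the run host must trust only the master: a submit host that skips pbmasterd and presents its own "accepted" decision is refused.

```python
"""Toy model of the flow above: submit host (pbrun) -> master host (pbmasterd) ->
run host (pblocald), with decisions and session output recorded by the log host
(pblogd). Added illustration, not BeyondTrust code: the rule format, the
HMAC-signed decision token and the log record layout are assumptions here.
"""
import fnmatch
import hashlib
import hmac
import json
import shlex
from collections import namedtuple

# Assumed secret shared by the master host and its run hosts (constructed value).
MASTER_RUN_KEY = b"example-shared-secret-not-for-production"

# Step 1: what pbrun on the submit host sends to the master host.
Request = namedtuple("Request", "user submit_host command")
# One entry of the assumed policy file: which users may run which commands
# (globs on argv[0]; arguments are logged, not matched) from which submit
# hosts (glob), and on which run host and as which account they then execute.
Rule = namedtuple("Rule", "users submit_hosts commands run_host run_as")

class LogHost:
    """Step 4: pblogd keeps event logs (decisions) and I/O logs (session output)."""
    def __init__(self):
        self.events, self.io = [], []

    def event(self, req, accepted, reason, run_host=""):
        self.events.append({"user": req.user, "submit_host": req.submit_host,
                            "command": req.command, "accepted": accepted,
                            "reason": reason, "run_host": run_host})

    def record_io(self, req, output):
        self.io.append({"user": req.user, "command": req.command, "output": output})

def sign_decision(req, run_host, run_as):
    """Accepted decisions are signed so a run host can tell them from forgeries."""
    body = json.dumps({"user": req.user, "command": req.command,
                       "run_host": run_host, "run_as": run_as}, sort_keys=True)
    return {"body": body,
            "mac": hmac.new(MASTER_RUN_KEY, body.encode(), hashlib.sha256).hexdigest()}

class MasterHost:
    """Step 2: pbmasterd checks the request against policy: Accepted or Rejected."""
    def __init__(self, rules, log):
        self.rules, self.log = rules, log

    def evaluate(self, req):
        argv = shlex.split(req.command) or [""]
        for r in self.rules:
            if (req.user in r.users
                    and fnmatch.fnmatchcase(req.submit_host, r.submit_hosts)
                    and any(fnmatch.fnmatchcase(argv[0], c) for c in r.commands)):
                self.log.event(req, True, "matched rule", r.run_host)
                return sign_decision(req, r.run_host, r.run_as)
        self.log.event(req, False, "no matching rule")
        return None

class RunHost:
    """Step 3: pblocald runs only what it can verify the master host accepted."""
    def __init__(self, name, log):
        self.name, self.log = name, log

    def run(self, req, token):
        if token is None:
            raise PermissionError("rejected by the master host")
        expected = hmac.new(MASTER_RUN_KEY, token["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, token["mac"]):
            raise PermissionError("decision token was not signed by the master host")
        d = json.loads(token["body"])
        if (d["run_host"], d["user"], d["command"]) != (self.name, req.user, req.command):
            raise PermissionError("decision does not cover this host, user and command")
        # Execution is simulated; a real run host would exec the command as d["run_as"].
        output = f"{self.name}: ran '{req.command}' as {d['run_as']}"
        self.log.record_io(req, output)
        return output

def demo():
    """Constructed walk-through: an accepted task, a rejected one and a forged token."""
    log = LogHost()
    master = MasterHost([Rule(("alice",), "app-*", ("/sbin/service", "/bin/systemctl"),
                              "app-01", "root")], log)
    app01 = RunHost("app-01", log)
    ok = Request("alice", "app-07", "/sbin/service httpd restart")
    output = app01.run(ok, master.evaluate(ok))
    bad = Request("bob", "app-07", "/bin/bash")
    # A submit host that skips pbmasterd and hands pblocald its own token gets nowhere.
    forged = {"body": json.dumps({"user": "bob", "command": "/bin/bash", "run_host": "app-01",
                                  "run_as": "root"}, sort_keys=True), "mac": "0" * 64}
    outcomes = []
    for token in (master.evaluate(bad), forged):
        try:
            app01.run(bad, token)
            outcomes.append("ran")
        except PermissionError as e:
            outcomes.append(str(e))
    return output, outcomes, len(log.events), len(log.io)
```

Two design choices carry over to any real deployment of this pattern: the run host checks that the signed decision names its own host, the requesting user and the exact command line, so an approval for one task cannot be replayed for another; and the master host logs every decision, accepted or rejected, so the log host holds the complete record the audit requirement on the earlier slide asks for.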
Fully Cloud Based Least Privilege
The same components and flow as above (submit host running pbrun, master host pbmasterd with its policy files, run host pblocald, log host pblogd holding event logs and I/O logs; request accepted or rejected, task run, logs recorded), with the components divided between On-Premise and Hosted.
Cloud Hosted Least Privilege
The same components and flow again (submit host running pbrun, master host pbmasterd with its policy files, run host pblocald, log host pblogd holding event logs and I/O logs; request accepted or rejected, task run, logs recorded), with the components divided between On-Premise and Hosted.