Article
RSS
Monster Mash: The Horrors Threatening Your Security in the Cloud and Beyond

A Contributed Article by Jamie Manuel, Identity and Access Management analyst for Quest Software (now part of Dell)

There are many theories on the origin of "Halloween" originating from various religions and folklore, centuries ago.  Many evolved into the fun practice today of putting on a disguise and going from door to door.  Unfortunately, in the world of IT, putting on a disguise in order to gain access to information is no laughing matter. And because we live in a cloud and virtualized world, this is more important now than ever - Breaches of sensitive information are no longer limited to traditional ways, such as social engineering physical tactics - there is additional concern with the advent of cloud services and managed cloud applications.  Today being Halloween, I thought I'd have a little fun with the theme of the day to explore the horrors that may be skulking in the IT shadows and how to trick them, so they don't get your treats.

For our first analogy of how fright and tech overlap, let's have a look at Dracula, the blood sucking vampire, for  Dracula is often portrayed as the romantic who can swoon the ladies like no other (as he's had centuries to perfect his craft).  Once their guard is lowered, he moves in for the kill.  IT Security professionals must always be on the look-out for such behavior.  That free pumpkin spiced latte by an end user might easily be followed by the phrase, "Hey - can you do me a favor?"  Before we know it, Dracula is requesting access to a file share, application or service, which should be done through a proper access request system instead of off the record.  But hey, he was so nice and charming.  Sadly in this case, the blood is the life-force of your organization and can be anything such as private customer info, intellectual property or inside information. 

Lesson here, tell Dracula thanks for the latte, but stick with the access request portal because his request will go to the appropriate person and be logged for future audits.  It's also a good and often mandatory practice to perform certification checks on a regular basis to verify that only those who need the access, have it, and no one else.

Ghosts are one of the most common ghouls to watch out for on Halloween, and in the world of IT, they are around all year.  They lurk quietly, watching your end users while patiently waiting for them to slip up and leave an opening for access.  It's often an easy mistake to make - something as simple as clicking a link in an innocent looking email, or leaving their passwords written down on a post-it note on the wall next to their monitor.  In the case of your managed cloud apps that can be accessed outside of your environment, proper password practice becomes very important.  Once they are in, they are in and can do a lot of damage as they look just like your end user. 

The lesson we can take away from this is first off to ensure that our end users only have the access they need to do their jobs, and nothing more, making them less of a target.  More importantly, a two-factor authentication system can help ensure no ghosts are pretending to be someone they are not.

Zombies are ‘all the rage' these days and I suspect we will see loads of kids dressed up as Zombies at your front door this evening.  ‘The Walking Dead' as they are often called (intentional props to one of my favorite shows on TV) are just that: dead.  In the world of IT, these could just as easily refer to those employees who have either left the company or possibly even just the department, yet still have an active identity in the system.  This is especially scary when you have teams leveraging external cloud apps to share files outside of your network.  When someone leaves, if they were accessing files on a cloud collaborative service, even if they are deprovisioned from the network, that likely won't cover the cloud app if the access is separate from the network. 

You wouldn't let a bunch of Zombies walk around your workplace, so why let a bunch of terminated employees continue to walk around behind the scenes of your network?  The lesson here, perform regular attestation checks to ensure that the "dead" are in fact dead and have been deprovisioned from your network. 

So if you are dealing with any of the above ghouls or perhaps making do with an old Frankenstein framework to address your identity and access management challenges, you need to research the options out there.  The first step is to identify which ones you are dealing with, identify your top risks and priorities and then make a plan from there.  So today on Halloween, have some candy and laughs, but I strongly suggest you start with something like reviewing your network identities to make certain you don't have any Zombies lurking around your office!  

About Jamie Manuel

As an Identity and Access Management analyst for Quest Software (now part of Dell), Jamie is responsible for identifying market trends and research to drive the go-to-market plans in the identity and access management portfolio.  Prior to joining Quest, he worked on product support and management teams for a leading consumer based software manufacturer.  Jamie has over eight years of experience in the software industry and is based in Ottawa, Canada.  

Published Wednesday, October 31, 2012 7:00 AM by David Marshall
Comments
Monster Mash: The Horrors Threatening Your Security in the Cloud and Beyond « VT News - (Author's Link) - October 31, 2012 8:04 AM
Identity and Access Management - Blog - (Author's Link) - February 25, 2014 10:01 AM

You may know Jamie Manuel as a Product Marketing Manager for Quest’s (now a part of Dell) Identity

Identity and Access Management - Blog - (Author's Link) - February 25, 2014 10:01 AM

You may know Jamie Manuel as a Product Marketing Manager for Quest’s (now a part of Dell) Identity

To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<October 2012>
SuMoTuWeThFrSa
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910