Latest Posts

How to plan against privilege misuse and ensure asset security?

The most epic of historical battles have been won when the victor was able to anticipate his adversary’s strategy and stay two steps ahead. It is the same when it comes to privilege misuse. You should be not just two but four steps ahead and anticipate the vectors that hackers can employ to attack your system. And I say this because you must assume that the cyber-attacker is already two steps ahead of you. So you have to be four steps ahead by anticipating potential privilege abuse attacks and taking measures to protect against them. Think like a hacker to stop a hacker. Well, easier said than done – how can you do this? Let’s break it down. A solution to a problem is just the end objective – but it is the approach to finding that solution which sets you apart and lets you be well prepared for privilege misuse. First step is for you to identify and understand the problem on hand. While this sounds easy, more often than not, in the information security world, a problem remains unidentified for weeks. Once you know the problem on hand, next step is to dig deeper and get to the root of the problem. Why did the problem occur, what could have caused it. Albeit time consuming, it is a crucial step for effective troubleshooting. Now things become easy – you know the problem, you know the root of the problem so finding the right solution becomes a comparatively easier task. Applying that to information security – you should first understand your infrastructure and identify all the loopholes that can be exploited. Anticipate and predict how a privilege misuse can happen in your system. Understand as to what are the different modes and means through which cyber-attackers could breach through these vulnerabilities. Now think of the assets you need to protect and the ways to protect them. Remember, this is a careful process where you must understand the business and financial impact of devising mitigation strategies. Lastly, the most important step would be to align the Board with your plans and execute protection strategies at the earliest without further delay. Logic Analogy with your organization To put this in better perspective, let’s look at a specific risk example. You have understood your company mission, its business, its technology and its infrastructure and have defined its crucial information assets such as servers, databases, network devices and others. Now, you understand the vulnerabilities and loopholes associated with this infrastructure. For instance, for these assets, you have privileged users and administrators who act as super users and have significant privilege rights. Can they pose as a threat? Absolutely. If you know they are the most important personnel, don’t you think cyber-attackers (hackers) would be aware of the same? There are two possible scenarios now. One is that the privileged users might have an intent of abusing these privileges or alternatively, they are prone to genuine human error which an attacker could take advantage of and lead to a privilege misuse. Isn’t it obvious that the hackers will attempt to gain control of these privileged accounts to hack into your assets? As you see the hackers are already two steps ahead. This step essentially is the characterization of risk. So with that done, how do you analyze how the hackers are two steps ahead and be prepared to protect these assets? Protecting against privilege misuse First, make sure you conduct background checks to ensure these administrators and privileged personnel are trustworthy. This way you can partly ensure that a direct inside attack won’t take place. Secondly, identify and implement security solutions such as Privileged Access Management (PAM) in place that help you secure not just on the credentials of privileged accounts but also the access rights and privileges of these accounts. This is to ensure that neither do the external hackers do not get access to your administrator account credentials and privileges nor do the internal privileged users abuse their privilege rights. Thirdly, monitor the solution for its effectiveness and vulnerabilities, if any. Assess the agility and scalability of the solution to align with the changing dynamics of your infrastructure. Next step is to constantly stay updated on the new attack modes and ways, new trends in information security i.e. be aware and educate yourself persistently. If need be, do not hesitate to undergo a technology refresh and update your privileged access security with the latest technology. Lastly, repeat the above steps in a regular fashion – it is an ongoing process. Rest assured, you are two steps ahead in the game and are better equipped to protect your organization from privilege misuse. By following the above, are attackers going to shy away? – No, they are not. But you are better prepared and ahead of the curve with the right approach and process set in place to protect your assets from privilege misuse. How can Sectona help you protect against privilege misuse? We have a unique Privileged Access Management (PAM) solution that is capable of employing the detect and prevent strategy when it comes to privilege abuse with its unique technology and approach. Download and read our Spectra PAM Datasheet to know more about our approaches and value proposition.
Avatar January 17, 2018
Avatar
January 17, 2018

What should be your Privileged Access Security Goals for 2018? Prioritization!!

I have been reading Ruchir Sharma’s The Rise and Fall of Nations recently where I came across two interestingly coined terms – ‘anchoring bias’ and ‘confirmation bias’. Anchoring bias is the tendency to believe good times will last forever. Confirmation bias is the tendency of collecting only the data that confirms one’s existing beliefs. The idea that the book tries to convey is from a global economy perspective where you should identify signs and be attentive to sniff the hidden and not-so-obvious signals. Why am I saying all this and what is the relevance to privileged access security you may think. Let me explain.   Anchoring Bias in the Privileged Access Security Context Often, it so happens that in an enterprise setting, as soon as one implements a security solution, there is a tendency to believe that ‘we have implemented a solid security solution, we are compliant with our regulatory requirements, blocked ways for cyberattacks to take place and good times await us going forward’ – this ever so slightly tends to the anchoring bias concept. An extension to this would be thinking ‘we have covered all possible areas of cyberattacks with robust solutions so our attack surface has been reduced’. However, the reality is so long as an enterprise has critical assets, there will be attackers scheming their attack vectors. Cybersecurity, in general, is never about happily ever after, it is a continuous process. It is a well-known fact that cyber invaders are always on the lookout for new vulnerabilities to exploit and it is up to the security team to ensure that they don’t give in to the anchoring bias but instead strive to keep finding vulnerabilities and ways to protect those loopholes. In a similar fashion, you have evaluated and implemented a privileged access security product for your infrastructure and critical assets. But does that end there? Are you monitoring and aware as to how the product has been implemented in line with your user requirements or future architectural requirements? Are you on top of all the capabilities of the product and which capability is of paramount priority for your user access? Are you assessing the adoption and usage of the product among all privileged users? Answers to these questions will guide you to an important decision for 2018 – the Re-evaluation of existing products.   Confirmation Bias in the Privileged Access Security Context Let’s evaluate confirmation bias now in this context. How to ensure you are finding the right vulnerabilities and not missing out on any critical weak points? Are you likely to be the victim of confirmation bias? You are a security expert. You have analyzed historical patterns, identified and zeroed in on the different types of attacks and why those attacks happen and have even to an extent predicted the kind of attacks that are plausible. Yet, there is a 0.1% chance that you may have given in to confirmation bias by only collecting data enough to analyze historical patterns and your predictions and beliefs of why past attacks happened and why some are predicted to happen. Based on this, you have identified key privileged accounts and have done the needful to protect their access. But have you rightly identified all the critical devices in your infrastructure (both on premise and cloud) stack? Have you accurately mapped all the different types of privileged accounts associated with these devices? You have considered all your internal privileged users. But what about external users such as third party vendors & remote users. It is the age of remote users, they are everywhere. Even internal users today can be considered remote users, courtesy trends such as BYOD & offshore outsourcing. It has therefore become imperative today to focus on securing remote privileged access. More often than not, for collaborative activities to be facilitated for remote users, additional privileged accounts are created – sometimes known, in most cases unknown and unaccounted for exposing security gaps for cyber attackers to leverage. This leaves you thinking that your privileged user security goal for 2018 should be a renewed collaboration based privileged access security.   Prioritize Privileged Access Security To play my part of creating more awareness, it is recommended that you prioritize securing Remote aspects of every privileged User– a gateway that can bestow supreme levels of authority and power to cyber attackers causing enterprises significant business and reputational losses. The goal is to understand the in and out of your infrastructure including critical devices and critical users and analyze all possible vulnerabilities and weak points. Dare to think of the worst and as the popular belief goes ‘hope for the best, prepare for the worst’.   How we can help? At Sectona, we have engineered an advanced Privileged Access Management (PAM) and have developed a unique cross-platform and collaborative PAM suite for enterprises and service providers of any size and scale. We are equipped to help you stay ahead of the curve from the PAM perspective with our renewed PAM approach. Check out our Spectra Privileged Access Management and SpectraMSP to learn more about our products.
Avatar January 2, 2018
Avatar
January 2, 2018

Accelerating Trust in Hyper-Collaboration World

Special moment for us as we announce the general availability of our first product & release of Spectra Advanced Privileged Access Management for both enterprises and managed service providers. We have spent the last 9 months interacting with companies understanding the shift they are experiencing with privilege access security. What we have learnt from this exercise is that addressing user expectation is key to a successful privilege security program. With the explosion of cloud services and Apps & APIs, organizations need to constantly add capabilities that help them monitor & manage privileged accounts. It wasn’t long ago when IT was managing a handful of devices inside a locked room behind a firewall. Users today have gotten more savvy and are expected to accomplish more tasks. If users aren’t delighted, they find workarounds that leave gaps an expose organizations to security risks. Privileged accounts are still one of the weakest links in most common insider and cyber-attacks. If only we could automate more tasks to reduce human errors, collaborate securely with teams and integrate evolving cloud based devices and services, we would achieve modern privileged password security. Herein comes the rise of Spectra's Theme – Privileged User Security with Collaboration Hyper-Collaboration is needed today To rewrite the code for secure collaboration for privileged users, it is highly important to tailor security code with general activities of the users. Spectra helps with secure collaborative access with deep session management capabilities to address the constant need for IT Teams to collaborate seamlessly with partners and consultants. More Devices mean More Security Imagine the scenario where you can automatically discover assets across cloud & virtualized environment + automatically assign policies for internal and external users + provision administrator accounts to allow secure and fast access for users - Yes this is possible and we call this Adaptive Access for Privileged Users. Allow Access from Any Device Administrators are looking for flexibility and security teams always need to balance security. Power Administrators are looking for modern and quick ways of accessing a device with tools they love. Remote users must have isolated access with limited privileges and support users should get easy & quick access. Spectra handles dynamic user needs with advanced cross-platform access capabilities for hybrid cloud environment. We are re-imagining how today's privileged users will interface with not just on-premise devices but also cloud based systems. We are a dedicated and committed team motivated to resolve these challenges.  I thereby encourage you to learn more about us and our product here at Sectona.com
Avatar December 9, 2017
Avatar
December 9, 2017

Impact of GDPR on third-party use of privileged accounts

After years of debate among European policymakers, the General Data Protection Regulations (GDPR) of the European Union have been codified. The new rules are set to go into effect in May of this year. GDPR applies to any business that deals with private EU resident data (GDPR 1 & 14). This is regardless of whether the company is based in the EU. For example, a US company with a subsidiary in the EU territory, or even just conducting business with EU residents, would be bound by the Regulations. In other words, GDPR impacts virtually every company of any size anywhere in the world. GDPR sets standards for a variety of IT security protocols when dealing with personal data, such as privacy settings (which by default must be set at high), and the need to report data breaches in a timely manner.   The Challenge of Third Party Outsourcing One major area of the industry set to be affected by the regulations involves privileged account access and the entire industry of third party management of these accounts (GDPR 4 & 9). Privileged accounts are those that allow administrative or “root” access to a system. Those with control of these accounts can access and modify critical system settings, and see monetized data such as credit card and social security numbers. That is why access to privileged accounts need to be tightly controlled and easily revoked when no longer necessary. The situation becomes particularly tricky when it comes to third party outsourcing for various IT tasks, especially when these tasks involve managing, recording, or otherwise dealing with sensitive personal data. Quite often, third-party partners are provided with remote privileged access--albeit often temporary--to physical and virtual resources within the organization. This arrangement opens a potential soft target for cyber criminals. Hackers go for the weakest link in the chain. They will much sooner target a weak service provider with privileged access to a large firm then attempt a head on breach of the target organization. Thus criminals will look for points of access in a company’s supply chain or other IT vendors being employed by the company. Indeed, in observing the most recent major cyber-attacks --internal and external attacks alike--unauthorized access and misuse of privileged accounts have emerged as the main techniques used by criminals. Hackers typically launch a simple “phishing” attack as a way of getting users to grant a foothold into a machine, which allows them to install malicious software to scan the system for administrative passwords to privileged accounts. Hackers can then move laterally across the network and siphon off the valuable data they’re looking for. Imagine the consequences of such an attack pulled off on just one IT service provider employed by a number of large companies. With this in mind, it is not surprising that achieving GDPR compliance requires that a company track administrative access control, not just for internal users, but also when granted to outside parties (GDPR 1 & 47).   Effective Management Solutions The key for an organization to stay in line with GDPR in the face of the privileged accounts challenge is a robust Privileged Access Management (PAM) solution. A good PAM system offers a secure, streamlined way to authorize and monitor all privileged users for all relevant systems. The system should be able to grant and revoke privileges to users for systems on which they are authorized based on set time frame or project completion. The system should also be able to centrally and quickly manage that access over a disparate set of systems dealing with personal data. Finally, and perhaps most importantly, a PAM solution must be able to create an unalterable audit trail for any operations using privileged accounts. In this way a company can maintain considerable control over the operations of third party service providers and track their actions on company systems. It should be noted that if a company wants to insure effective management of their privileged accounts, user experience is key. Any PAM solution chosen by a company should be easy to install and interact with for all members of an organization. All team members should be able to clearly understand system alerts and instructions. Automation is also a very important element. While the IT department of any company will almost always be required to manually interact with programs, manual approaches to privileged access management are time-consuming and error prone. Most importantly, due to the complexity of tracking activities for multiple users, manual solutions may not be able to provide the desired level of security controls. The market is abound with automated PAM solutions, which can provide control over privileged access without the logistical cost of man hours and the added risk of human error.   The Bottom Line When a company is assessing how to go about managing their privileged access users the most important thing to consider is the potential costs of non-compliance in the event of a breach. GDPR levies serious fines on companies that fail to abide by its security standards and fall victim to a cyber-attack as a result. Under the Regulations a company can be fined 1,000,000 EUR, or up to 2 percent of the total worldwide annual turnover of the preceding financial year, whichever is higher (GDPR 83 & 4). Compare this potential fine to the relatively small investment in a company-wide PAM system, averaging approximately $3,000 for acquisition and installation plus around $300 for each user endpoint being managed by the program. This is of course not including the long term reputation costs of a data breach that comes from a hacked privileged account. In the modern cyber world nothing is more detrimental to a brand than a substantial breach. In a recent Ponemon study that surveyed major US corporations that suffered such hacks, the impact was measured at nearly a $4 million decrease in annual revenue. With these price tags of insufficient data security hanging overhead, companies should take to heart the importance and benefits of efficient privilege management. Harnessing these tools now will allow a company to continue to excel and while staying competitive in the era of GDPR.   Sectona can protect your privileged accounts with its PAM Our Privileged Access Management (PAM) solution is tailor-made to protect businesses from such challenges and ensure user and data security. Read our Privileged Access Management Datasheet to learn more about our approaches.
Avatar November 7, 2017
Avatar
November 7, 2017

Are passwords a weakling in the world of authentication?

Most organizations still adopt the policy of using passwords to gain access to critical systems and assets. While a dual factor authentication may be enabled, passwords still remain a preferred favorite as one level of authentication. They are a way of life in an IT organization. Yet, despite the repeated news on weak passwords being the cause of attacks, the practice of using them still continues. Reports say that an average of 19% enterprise professionals use poor quality passwords or shared passwords that make their accounts easily vulnerable. 2016 Verizon Data Breach Investigations suggest that poor quality, weak and shared passwords attributed to 63% of the confirmed data breaches. But is the quality of passwords alone to blame here? The advent of BYOD has added fuel to the fire, come to think of it. You cannot keep complex passwords because it gets difficult to type them on a mobile device, for instance. Secondly, best practice suggests that you should not keep yourself logged in throughout unless you are required to access the system. So, the quality of passwords naturally tends to be poor owing to convenience of typing out these passwords. In today’s time, a dual factor authentication mechanism has become a usual affair. So, then the question arises, what is the compatibility of a dual factor mechanism to be set up across all media? Can a dual factor token used on a laptop be used for a tablet device or mobile device seamlessly? If not, then is authentication compromised? What needs to be done in such a scenario?   Solution for better authentication The ideal solution is to firstly ensure a multi factor authentication mechanism is in place if not already implemented. BYOD is an inevitable exercise in today’s times. So, the multi factor authentication solution should be such that it is able to provide flexibility and compatibility across devices. To begin with, passwords should be at least an 8 character alphanumeric word – a combination of lowercase, uppercase letters, number and special character. Also, special care should be taken to ensure that common Dictionary words and common passwords such as [email protected] also are not used. This in itself ensures there are at the very least about 100+ million combinations. A hacker’s toolkit is not going to be able to crack the combinations quickly. Neither is the hacker going to take the pain of identifying the right combination. In conjunction with this, a dual factor mechanism should be used. Now, as far as a dual factor is concerned, flexibility across devices for compatible authentication mechanisms should be enabled. For instance, a dual factor token for a laptop, a bio-metric authentication such as a fingerprint scanning for mobile or voice recognition for tablet devices etc. should be facilitated for access to the same system. This can ensure foolproof authentication and at the same time flexible authentication methods across devices. Having said this, the better scenario would be to have common and apt authentication mechanisms across all media i.e. laptop, mobile and tablet.   Fool-proof solution for robust authentication Will the above mentioned techniques be effective considering the zillions of user passwords and user authentication that needs to be managed in organizations? Well, managing these manually might be a futile exercise and also unproductive. The most effective solution to ensure robust security while keeping intact the productivity would be to install password management, single sign-on tool and multi-factor authentication tools. Better still would be to deploy a Privileged Access Management (PAM) solution which has these capabilities. A PAM solution is well-rounded in its ability to automatically manage passwords and ensure strong authentication and access mechanisms.   How Sectona can help? Sectona has built its own Privileged Access Management - Spectra PAM solution with robust privileged password management and authentication techniques to ensure strong security of user access to critical devices both on cloud and on-premise.
Avatar October 16, 2017
Avatar
October 16, 2017
1 3 4 5