Information Security Today Home

New Books

Developing and Securing the Cloud by Bhavani Thuraisingham; ISBN 9781439862919
Securing Cloud and Mobility: A Practitioner's Guide by Ian Lim, E. Coleen Coolidge, and Paul Hourani; ISBN 9781439850558
Cloud Computing: Implementation, Management, and Security by John W. Rittinghouse and James F. Ransome; ISBN 9781439806807
Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud by Frank Siepmann; ISBN 9781439879092
Core Software Security: Security at the Source by James Ransome and Anmol Misra; ISBN 9781466560956
The Frugal CISO: Using Innovation and Smart Approaches to Maximize Your Security Posture by Kerry Ann Anderson; ISBN 9781482220070

Top 2014 Security Hacks and How Managed Services Could Have Helped

By Garret Grajek, CSO, dinCloud

In 2014, it was impossible not to watch the news without hearing about some form of security attack or hack. The Ponemon Institute claims that hackers have exposed the personal information of 110 million Americans in the last 12 months alone, with up to 432 million actual hacked accounts.

Letís check out some of these high profile attacks:

WhoWhen# of RecordsDetailsMethods
eBayFeb-Mar 2014145 MillionEmail IDs, encrypted passwords, and other user dataObtained logon credentials from employees
JPMorganJun-Jul 201476 MillionNames, Email, address, phone numbersObtained admin privileges on data servers
TargetJan 201440 Cardholders; 70 other identitiesConsumer information (PII) and credit card numbersHVAC (Heating Ventilation Air Conditioning) VPN access
Home DepotSep 201456 million cardholders dataCredit card and PII informationMalware attack via POS terminals
Sony PicturesDec 2014100 terabytesPotentially every piece of data, including unreleased films/scripts, employee SSNs, salaries, health information, email, business docsAPT attack from organized agency (likely government utilizing network and server penetration mechanism)

Q. How could hosted or managed services have helped in each of these instances?

eBay: A secure cloud services can quantify which admins have access to data and servers and which enterprise users are allowed. If the cloud vendor is serious on security, all access should be two-factor authentication. The network should also be separated off other services via a dedicated virtual private cloud infrastructure.

JPMorgan: A secure cloud service can quantify sever access via a centralized control mechanism and then force two-factor authentication on all access.

Target: The target example would be mitigated in a secure cloud by not letting non-secure users (e.g., HVAC vendors and operators) have network access to private data. Secure clouds will segment the network and not allow for user access in non-authorized network and server segments.

Home Depot: In a secure cloud, all data is segmented and encrypted. This Home Depot type of hack is looking for data at rest. A secure cloud usually encrypts all data in transit and at rest.

Sony Pictures: Segmentation of data and user access, encryption of all traffic, two-factor authentication for all access, and network and data monitoring are all features in a secure cloud that could help mitigate this type of attack.

Many people might fear the cloud because of these security related breaches. Are they right to feel this way?

No. Experts in the field are recognizing that the number one security gap in IT today across the world is not the technology, but the lack of staff utilizing these technologies. Managed cloud providers are actually snatching up the best talent because they can deploy and manage the proper technologies and distribute the cost of the products and their intellectual knowledge across any customers (much the same way a major hospital is able to keep the top talent in their respective disciplines).

Do you think proactive (vs. reactive) security should be required in certain industries? If so, which ones and why?

New technologies are enabling enterprises to respond in a proactive way. For example, the most popular IP-reputation based technologies gather worldwide ISP information from known "problem sites" and then proactively warn enterprises when network traffic is emanated from one of the sites. This being said, modern data centers, especially the cloud, should have logging and event correlation technologies and practices that help them identify accesses and intrusions.

Is there a secret recipe to effective cloud security?

No. A secure cloud is a sum of products, practices and personnel. The concept of APT (Advanced Persistent Threat)--the modern hack--is to probe all weakness and then use the right hacking tool to meet the available vulnerability.

What are some best practices that companies should take note of in 2015 to avoid security breaches in the future?

Segregating data and resources; quantifying access to all resources, with manageable access policies to all resources; putting thorough, proactive mechanisms in place to stop attackers, with associated forensic tools and personnel for the purpose of analysis weaknesses.


 
Subscribe to Information Security Today






Share This Article

Bookmark and Share


© Copyright 2015 Auerbach Publications