Hybrid Cloud — The IT leader’s guide

The Enterprisers Project has an article on hybrid cloud.

What are the key considerations for hybrid cloud security?

As we recently noted, “Hybrid cloud should strengthen your organization’s security posture, not diminish it. But that doesn’t mean improved security is a default setting. While security fears are declining as cloud matures, security remains an ongoing challenge that needs to be managed in any organization.”

Hybrid cloud security is a big topic; it can be hard to know where to focus. What are the hybrid cloud security questions that you should bear down on now? It starts with visibility. “Too often in modern IT, CIOs and other IT leaders have blind spots in their environments, or they focus too narrowly (or even exclusively) on their on-premises infrastructure,” cybersecurity veteran J. Wolfgang Goerlich, who serves as VP of strategic programs at CBI, told us.

Other key issues include asset ownership controls, compliance controls, security tool interactions, communications, and risk assessment. As your hybrid cloud strategy grows, so should your security planning.

Read more here: https://enterprisersproject.com/hybrid-cloud

 

Who Watches the Watchers? Firewall Monitoring

Even in the face of being declared dead — often and repeatedly since 2004 — the firewall remains a viable security control. De-perimeterization simply leads to a specialization of controls between IT in the cloud and IT on the ground, with the firewall taking on new roles internally. Especially for payment processing, healthcare, and energy, the firewalled network is still a key element of today’s standards and regulations.

The trouble is, all firewalls share a weakness. It isn’t in the IP stack, firmware, or interfaces. No, the weakness is much more fundamental. All firewalls depend on proper configuration and are a single change away from a breach.

Barracuda Networks is well known for its Web Application Firewalls (WAF), which protect against attacks such as SQL injection and others listed in the OWASP Top 10. Back in 2011, however, a change process went awry and disabled Barracuda’s WAF protection for its own servers. Within hours, some tens of thousands of records were stolen via an injection vulnerability on a Barracuda website. All it took was a single misconfiguration.

Tools for firewall change management have sprung up to address these concerns. Centralizing the audit log for all changes on all firewalls is great for looking back; however, as Barracuda experienced, a breach can happen within hours. IT admins require real-time detection and notification on changes, which is one of the many features FireMon offers. It can model complex changes and provide a what-if analysis cross-referencing the firewalls with an organization’s policy and compliance obligations.

Firewalls will continue to be a foundational control for an organization’s internal IT. The control for the controller, the watcher for the watcher, is secure change management. This means change planning, detection, auditing, and alerting. Operationally, it also means tracking history and the ability to troubleshoot issues by comparing changes across time. For organizations running complex segmented networks, management tools like FireMon are invaluable for preventing breach by change.