Multifactor authentication can be a component to further enhance security.” Why authorization remains a challenge “There are multiple vendors providing privilege access and identity management solutions that can be integrated into a traditional Active Directory construct from Microsoft. “The reality of data spread across cloud service providers and SaaS applications and connected to the traditional network perimeter dictate the need to orchestrate a secure solution,” he notes. In some cases, multiple technologies may need to work in concert to achieve the desired level of access control, Wagner says. Access control solutionsĪ number of technologies can support the various access control models. In particular, organizations that process personally identifiable information (PII) or other sensitive information types, including Health Insurance Portability and Accountability Act (HIPAA) or Controlled Unclassified Information (CUI) data, must make access control a core capability in their security architecture, Wagner advises. It’s imperative for organizations to decide which model is most appropriate for them based on data sensitivity and operational requirements for data access. “In this dynamic method, a comparative assessment of the user’s attributes, including time of day, position and location, are used to make a decision on access to a resource.” In ABAC, each resource and user are assigned a series of attributes, Wagner explains. RBAC grants access based on a user’s role and implements key security principles, such as “least privilege” and “separation of privilege.” Thus, someone attempting to access information can only access data that’s deemed necessary for their role. MAC is a policy in which access rights are assigned based on regulations from a central authority. MAC was developed using a nondiscretionary model, in which people are granted access based on an information clearance. “Access control requires the enforcement of persistent policies in a dynamic world without traditional borders,” Chesla explains. Most of us work in hybrid environments where data moves from on-premises servers or the cloud to offices, homes, hotels, cars and coffee shops with open wi-fi hot spots, which can make enforcing access control difficult. But not everyone agrees on how access control should be enforced, says Chesla. Most security professionals understand how critical access control is to their organization. Access control policy: Key considerations The risk to an organization goes up if its compromised user credentials have higher privileges than needed. The Carbon Black researchers believe cybercriminals will increase their use of access marketplaces and access mining because they can be “highly lucrative” for them. One access marketplace, Ultimate Anonymity Services (UAS) offers 35,000 credentials with an average selling price of $6.75 per credential. These systems can be used as zombies in large-scale attacks or as an entry point to a targeted attack,” said the report’s authors. These access marketplaces “provide a quick and easy way for cybercriminals to purchase access to systems and organizations…. The Carbon Black researchers believe it is “highly plausible” that this threat actor sold this information on an “access marketplace” to others who could then launch their own attacks by remote access. For example, a new report from Carbon Black describes how one cryptomining botnet, Smominru, mined not only cryptcurrency, but also sensitive information including internal IP addresses, domain information, usernames and passwords. The collection and selling of access descriptors on the dark web is a growing problem. Another reason for strong access control: Access mining
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |