SSH Management has been in the press a lot the last 2 years.
Sponsored reports from analysts have focused on poor key and SSH management practices, a highly speculative assertion that Edward Snowden somehow used keys to gain access to systems (which he denies), and now the US NIST has published a document that, among other things, puts a focus on ‘automated authentication’ used for application-to-application (app2app) or system-to-system/computer-to-computer (c2c) communications.
NIST now recommends that the same level of focus and account management that has been recommended for years for interactive (people) accounts be placed on these automated accounts.
Unix & Linux Control
Controlling what someone can do once they have accessed a Unix or Linux server within your environment is a goal for every systems administrator and security analyst to set their sights on.
System admins have good reason to allow other users of the system only limited access: users mess things up, and they know that. It could be a noob (or novice administrator) who oversteps their knowledge, or an application developer running a script with root privileges that does something like ‘rm -rf */*’. No sys admin wants to have to explain how that happened, or clean up the mess.
Identity Access Management (IAM)
I just read a recent article about IAM (Identity Access Management) projects, and the level of complication that can ensue when trying to plan and implement a project of the scale and scope that a comprehensive IAM project entails.
The theme of the article is that AD (Active Directory), in many enterprises, is the identity store of choice; the idea being that if you could align your enterprise to use a single account, there is an economy of scale, reducing the number of places where access and permissions would need to be managed.
Network and Data Security Breaches Are Rising Exponentially
In today’s environment of massive data security breaches, organizations more than ever need to deploy a defense in depth.
Firewalls no longer are enough to keep hackers out and prevent breaches. Threats can emanate from all directions, and often the first foothold an attacker can get is on a common desktop or laptop of an unsuspecting person who opens an e-mail attachment or visits a malicious website. Defending these systems is hard, but must be attempted. However, in the face of much evidence these systems will remain vulnerable and continue to be the source of many breaches. It is what happens next that must be considered and prepared for.
After the initial successful breach, the goal of an attacker will be to widen their foothold in an organization until they have compromised the valued data, or have control over the valued systems. Attackers spread themselves through additional systems through lateral attacks, jumping from one machine to the next until they can reach their goal. Each step is an opportunity to prevent or detect the attack, or prevent or detect the next attack.
For these reasons, layers of security are required to find and prevent each link in the chain of attack.
Fox Technologies announces high-tech industry sales veteran, Bryan Short, as new VP of Sales.
GRAND RAPIDS, MI — January 13th, 2016 — Fox Technologies Inc., a portfolio company of Parallax Capital Partners and leader in Linux system access management solutions, announces the appointment of Bryan Short as vice president of sales. Short is a high-tech industry veteran with over 25 years of experience in sales, marketing, and business operations leadership. He will be responsible for strengthening Fox Technologies’ existing customer relationships, driving national sales strategies to generate demand and achieve revenue targets, and expanding reach into global markets.
Secure Shell (SSH) Data Security
The Ponemon Institute and Forrester have both published studies that have raised a lot of attention, and questioned the security of SSH deployments, and both focus on the implementation practices and procedures. The ugly truth is that this vital tool is often little considered in the security plans of many enterprises.
The focus of both of these studies is on SSH key management. This can certainly be a very important topic, especially with a standard/default SSH implementation: if you need to use SSH user-keys for authentication it becomes enabled for all accounts that have access to the system.
2015 has been the year where social engineering became the common trend among many high-profile breaches – resulting in hundreds of millions of compromised records. Going into 2016, Wired Magazine is predicting the top 5 security threats to be: extortion hacks, attacks that change or manipulate data, chip-and-pin innovations, the rise of the IoT zombie botnet, and more backdoors.
What do you think the biggest security threats of 2016 will be?
THIS YEAR, LAWMAKERS surprised us by taking initial steps—albeit, baby ones—to rein in some of the NSA’s mass spying and provide better oversight of the intelligence agency’s activities. It’s unclear, however, if these gains and other privacy victories will hold or will be undone in the panic after the Paris attacks.
Following the terrorist assault in November, which killed more than 100 people, US government officials seized the opportunity to revive their campaign against encryption and password-protected devices, calling on companies like Apple and Google to install “voluntary backdoors” in their phones so law enforcement can access protected content with, or perhaps even without, a warrant. Lawmakers have also introduced legislation that would reinstate the NSA’s program for bulk-collecting US phone records, a program that lawmakers ended earlier this year.
When it comes to voting, there are basically two arguments: a civic one, which states that voting is the moral duty of every able citizen in a democracy, and an economic one, which states that voting is a fruitless endeavor in a game with terrible odds. Perhaps the economists had the right of it. A massive database with 191 million voter records has made its way online, and the strangest part is, no one can quite figure out who put it there or when it will be taken down.
Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but organizations need to keep this aspect a key part of their larger data security plan.
According to the Department of Health and Human Services, administrative safeguards are “administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.”