Ev Kontsevoy, CEO and co-founder of Teleport, has five steps for security team to protect infrastructures. We live in a day with potential threats ranging from individual bad actors to state-sponsored hacking groups– corporations and institutions scramble to shore up defenses and stay ahead of emerging cyberweapons.
In 2021, major news breaks were on the back of dramatic cyberattacks. It had been revealed that important data has been compromised, and malicious ransomware hacking caused major companies to lose big chunks of their business.
One of the most pressing challenges for organizations looking to strengthen their cybersecurity is outdated technology and old, outmoded conventional wisdom. The biggest security threat an organization faces comes not from hackers, but the lax password practices employees use. In order to protect infrastructure and sensitive assets from cyberattacks, organizations need to abandon old solutions like passwords and embrace these five strategies:
-
Get Rid of Secrets
Cyberattacks are often caused by human error, meaning it’s crucial that organizations remove humans from their security team strategy. Passwords and other private information can be lost, stolen or sold to a bad actor, so each password could lead to an identity being exposed. This can take place with the GoDaddy breach where one compromised password led to more than 1.2 million WordPress users having their account information exposed.
Many people use the same password for social media, email, and banking sites. Although 70% of passwords have been compromised, people often do not realize the issue until it is too late. In order to eliminate chance of accessing sensitive data in these instances, companies need to make use of strong passwords to put an end to this problem.
-
Implement identity-based access
Using secret passwords to keep things secure is a flawed solution because it requires the user’s password, which is too easily disclosed or exposed. The best way to keep a system secure is using identity-based authentication and authorization. This means that every time someone needs access, they can prove their identity without needing to have different passwords for everything.
Machines and applications must also have an identity, which prevents them from being used as a weapon against their own organization. If a hacker infects another machine with malware, then the infected machine itself can’t be identified and dealt with.
-
Leave perimeter security behind
A new type of architecture is the zero-trust architecture, which can offer the same protection as the traditional security team approaches. It is basically to assume that every computer in the system, including yours, is on a public internet and your responses should be reactive to this, rather than trying to define and defend a perimeter.
It’s easy to initially protect the network perimeter by using a VPN, but this comes with severe trade-offs in terms of security and monitoring. Once a perimeter has been breached, attackers can easily move laterally within the system and dramatically increase the impact of their actions. By securing individual computing resources like applications, databases, and servers, organizations can limit the damage of any breach to only one node in the system.
-
Bolster DevSecOps
Security team need to make sure that they are working with engineers and scientists, not against them. These lines of work are best when they work together to ensure that the connection is strong and secure.
Developers should be responsible for securing their own systems. The DevSecOps approach encourages developers to implement security at every stage of product development, shifting security from the right to the left in the DevOps process. Essentially, it results in every component and configuration in the technology stack being patched, configured securely and documented.
-
Reverse complexity
When organizations modernize their security practices, they sometimes have to decide what to do about legacy tools and systems. Throwing away existing solutions and removing backwards compatibility can lead to severe growing pains within an organization. However, failing to cut loose obsolete technology leads to a growing attack surface area, increasing the probability of human error and serious security risks. Organizations that choose to graft new solutions on top of existing technology layers end up with a highly complex ecosystem, one that’s difficult to monitor and even harder to secure.
A single access point reduces complexity, eliminating the possibility of human error that could lead to major breaches due to confusion among protocols.
Cybersecurity is a dynamic practice and must be ever-evolving. Perimeter-based security won’t work when there is significant financial reward. Organizations need to embrace new, advancing technologies and ensure that the infrastructure they protect never gets old.
