IT Security

Security as a Service – MSSP

Since an incredible number of companies make good use of cloud services, we quickly need to rethink our existing security infrastructure.

By using cloud applications and remote access we “open up” our network to the whole internet, while older security tools often do not sufficiently account for the new online setup.

Modernizing your own IT security tool and hardware landscape seems to be the way to solve this. Alternatively, an organization could opt for an MSSP: a managed security service provider who manages your IT security from the outside.

Why “outsource” IT security?
Actually there are some good reasons for this (of course there might also be some against it, but it should at least be considered). One argument is the difficulty of finding and paying qualified IT security experts, compared with having an experienced external expert team that is always aware of the latest threats and trends. Depending on the individual setup it's also worth checking the cost effectiveness: MSSPs could provide similar services running on the same security assets for different customers at one time, therefore achieving economies of scale.

Apart from the general decision, we should ask ourselves which parts of IT security should remain within the company. What about IAM?

Generate savings in IT Security!

Generate savings in IT sec – what's happening in the market

According to the IBM and Ponemon Institute Cyber Resilience Report 2020, many organizations are about to define an emergency plan in case of attacks (Cyber Security Incident Response Planning, CSIRP). You benefit a lot from a coordinated and structured procedure to locate, isolate and kill the intrusion while not forgetting about aspects like communication with stakeholders. In the end this investment pays off greatly, as the consequences without it would be devastating.

Looking at the results of the resilience report, it could be advisable to reduce the number of tools you use: the fewer the better in terms of security.

Instead of inflating the infrastructure with a lot of different, sometimes interdependent and narrow solutions, companies could benefit from a focus on the most important ones. There is also a trend towards an identity-centric security infrastructure. Millions of attacks target the human factor, trying to steal digital identities for access to our digital values and assets.

In conclusion, it seems that a focused IT security setup will in many cases be more effective than a very complex one where you could simply overlook suspicious activities.

What is your opinion about the trend to reduce the tool landscape?

Healthcare institutions and governmental agencies say no to cloud

In the last weeks we had some very interesting talks with healthcare institutions and governmental agencies. One very important lesson: no cloud.

It's not a new topic that a move to the cloud comes with a lot of security issues. For organizations with critical data (e.g. hospitals or public agencies) there is no way of using cloud solutions from abroad. Everything needs to remain within the organization, nothing is transferred to external companies.

The main reason is quite simple: You can't guarantee what is happening to your data, as German / European data privacy laws do not apply. Also, you depend on the provider's services and delivery – in case they are facing issues you will be in serious trouble.

In our opinion the usage of cloud technologies is quite useful and there are a lot of good reasons for it. Just remember to have a good security environment around it, as you're openly connected to the internet, meaning you could have some easy access opportunities for intruders!

Best practice: Experiences with IAM in the German industry

This week we had a very interesting chat on IAM with an experienced architect working with one of the biggest German industries.

Some years ago they started to develop a cloud platform where customers can access heavy machines this company built for them.

This already took place about five years ago and, as it was one of the first online/cloud projects, it was criticized as insecure and bound to fail. All eyes were on this project and the pressure to succeed was very high. Imagine a breach taking place when starting to use this platform: Big customers would experience hacks of machines worth millions – this costs lots of money and could even be very dangerous for the employees working with them.

Their advice to all other manufacturers is very simple: Take good care of security as fast as possible when it comes to cloud projects. Until today they never had any problems with cyberattacks on their platform, as they are using a professional solution to secure internal and external access.

Just one more thought: They started to use IAM and MFA already five years ago – until today the number of attacks grew to an all-time high with many millions of identity threats every day from all around the world – are you prepared for them?

The 4 types of computer viruses

Certainly there are too many special and different viruses to know them all, but let us try to classify the most common ones:

1. Perform operations on PC
– e.g. encrypt or delete data
– boot virus (you can't log in to your OS anymore)
– Execute commands

2. Physical attack: Hardware takes damage from a virus
– Manipulate the hard drive firmware
– USB and other connections are deactivated
– Manipulate temperature controls of CPU, burning the motherboard

3. Hijacking: Hackers use the processing power and storage of your device
– Virus disconnects you from the internet
– PC is used within hacker botnets
– Unwanted applications are installed to show you ads

4. Spying: Probably the most dangerous type
– Hackers spy on passwords and logins so they can steal your identity and access company networks and data
– Record and track users' forbidden or undesirable activities for blackmailing
– Take over control via e.g. remote desktop

Are we missing any important category? Have you experienced one of these?


It's not only about services and servers: Take good care of your mobile devices!

Most companies offer at least some of their employees company smartphones. Today it is not only sales and management positions that need to work with smart devices, but let's take it from here: Imagine a very well protected IT environment within the company network while managers use smartphones without any specific protection or secured access to applications such as Outlook.

According to yesterday's news there are some critical weak points in Android OS that should be fixed with the patch level 2020-07-01 or 2020-07-05 (

Consider checking your own version from time to time, and if you're responsible for IT security don't forget to extend your protection to smart devices.
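One way to run that check across a fleet rather than on a single phone, as an added example that is not part of the original post: it sorts devices by their reported security patch level against the two levels named above. The inventory format, column names and device names are constructed for illustration; entries with a missing or unparseable value are reported as unknown instead of being assumed patched.

```python
import csv
import io
from datetime import date

# Patch levels named in the post (July 2020). In Android's bulletin scheme the
# -05 level includes everything in the -01 level plus further fixes.
PARTIAL_LEVEL = date(2020, 7, 1)
COMPLETE_LEVEL = date(2020, 7, 5)

# Constructed sample inventory; the column names are assumptions.
# On a single device the value can be read with:
#   adb shell getprop ro.build.version.security_patch
SAMPLE_INVENTORY = """device,owner,security_patch
pixel-01,sales,2020-07-05
galaxy-07,management,2020-07-01
moto-03,sales,2020-03-01
tab-11,warehouse,
old-02,management,unknown
"""


def classify(patch_string):
    """Map a reported patch level to a status for the July 2020 levels."""
    try:
        level = date.fromisoformat(patch_string.strip())
    except ValueError:
        # Empty or unparseable values are unverified, not patched.
        return "unknown"
    if level >= COMPLETE_LEVEL:
        return "patched"
    if level >= PARTIAL_LEVEL:
        return "partial"
    return "outdated"


def audit(inventory_csv):
    """Return {status: [device, ...]} for every row in the inventory."""
    report = {"patched": [], "partial": [], "outdated": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = classify(row.get("security_patch") or "")
        report[status].append(row["device"])
    return report


if __name__ == "__main__":
    for status, devices in audit(SAMPLE_INVENTORY).items():
        print(f"{status:9} {', '.join(devices) or '-'}")
```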

Due to misconfigurations of Git repositories attackers could easily access your databases.

Very important to check: Due to misconfigurations of Git repositories attackers could easily access your databases.

According to “Die Zeit” and “c’t” it's not just smaller organizations but also DAX companies, governmental agencies and universities that had this issue, as about 41k systems were identified to be at risk.

Release and criticism of the corona warning app in Germany

There are many voices these days criticizing that the government's app is tracking whom we meet and where we are. The intention is to create a very fast and digital approach to take control of infection chains.

Though this seems to be a very smart idea, there are many doubters throwing shade at the app, as you are providing personal data to the government. The problem with this is that we seem to forget about all the information we are making accessible every day to a lot of bigger and smaller companies, and we do not even know what our data is used for. The corona warning app instead is giving you a transparent and clear insight into this matter.

By the way – even the Chaos Computer Club did not say anything negative about the app, so it can't be that bad! Every new user counts to make this a success against covid, so get yourself informed and think about joining:
