Welcome!

Cloud Security Authors: Carmen Gonzalez, Pat Romanski, Aruna Ravichandran, Shelly Palmer, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, @BigDataExpo, SDN Journal

@CloudExpo: Article

2014 Trends – The Year of the Insider Threat

As more and more organizations are adopting cloud strategies, there is now an added layer of complexity and sophistication

If last year underscored anything, it was the significant and far-reaching impact of breaches by trusted insiders - case in point, the Edward Snowden affair. What makes this such a critical trend for 2014 is the fact that as more and more organizations are adopting cloud strategies, there is now an added layer of complexity and sophistication when it comes to protecting who can access what types of sensitive data. The cloud makes it easier for organizations to conduct business, but that simplicity also translates into easier ways for insiders or un-trusted individuals to steal data - identity has become the new perimeter.

The number of organizations around the globe turning to a combination of traditional computing, virtualization, and public-cloud infrastructure to deliver business applications quickly, efficiently, and cost effectively is growing exponentially. As they migrate systems to the cloud, or leverage the scalability and elasticity of cloud computing to deliver entirely new applications, they can run headlong into security and compliance issues that must be solved to protect systems and make auditors happy. In addition to protecting privileged access to servers and network gear, virtualization and cloud computing add important new items that need to be locked down. First, organizations need to protect virtualization and cloud management consoles that provide unprecedented administrative power to create, configure, delete and copy network and server resources. Second, organizations must ensure the cloud management application programming interfaces (APIs) that transfer enormous administrative power to scripts, programs and DevOps tools are adequately controlled. Companies that want to ensure their data remains safe regardless of whether it is in a traditional database, in the cloud, or some variation of both, now need to seriously consider the security ramifications of having a lax privileged user policy - especially in an era where a few clicks of the mouse in the console, or a few commands in a script can wreak havoc.

The Snowden breach is a perfect example of the ramifications organizations typically overlook when they consider the negatives of a breach. According to different reports, the NSA has spent millions of dollars replacing software and hardware systems to mitigate the risk of undetected compromises on resources to which Snowden had access. These sorts of costs - forensic analysis, re-imaging, and repairing or replacing compromised systems - are frequently overlooked when assessing the potential value of privileged identity management programs. Harder to measure are the impacts arising from the disclosure or theft of sensitive and confidential information. Not to mention the potential for embarrassment and loss of trust from essential stakeholders including partners, customers, and others.

Another factor we see catapulting privileged users and insider threats as a key trend in 2014 is the increased attention toward regulations and compliance. Regulators are extending security and privacy mandates to cover the risks posed by privileged users and administrative accounts. High-profile insider breaches (e.g., Snowden, Wikileaks), plus increasingly advanced spearfishing and APT-based attacks, have heightened regulator and auditor attention to privileged user threats. And there are specific regulations that apply to specific industries. Some of the regulations include penalties for non-compliance, and many of these mandates continue to be updated to contend with the latest threats. A good number of them have been updated with specific requirements relevant to privileged identity management.

Privileged identity management protects organizations from the risks privileged users pose to systems and data. Privileged users - people like systems administrators, contractors, and third-party vendors - have routine access to the most sensitive IT resources. It's no wonder studies consistently show the largest and most damaging breaches are often traced to these individuals. Privileged identity management software supports and enforces the policies and controls needed to mitigate risks created by privileged users, those with elevated rights and access to administrative accounts, credentials, and systems.

Privileged identity management isn't just about privileged identities, though being able to positively identify powerful users and vault and manage their passwords is a key part of the equation. Next generation privileged identity management platforms also control, monitor and audit privileged users, ensuring they can access only explicitly authorized resources. Comprehensive privileged identity management tools also record privileged sessions so you know exactly what happens during each session - and you can prove it to your auditor. These tools also enable you to lock down virtual and cloud "super-user" administrative consoles, such as VMware's vCenter Server and the Amazon Web Services Management Console.

The fallout of the NSA/Snowden leak and other "insider threat" and "privileged user" incidents has significantly broadened interest in privileged identity management tools, and we expect that to only increase as cloud and virtual technologies continue to evolve. Inbound inquires to Xceedium, and likely other PIM vendors, have increased beyond the usual suspects, such as the traditional security leaders in banking and financial services or organizations with critical infrastructure and those other markets governed by strict security regulations. We're now seeing a big increase in interest across numerous industries and geographic regions.

As insider threats continue to shine a light on the need for next generation privileged identity management solutions, the important thing to remember is to focus on solutions that go beyond simple password management. The ability to attribute actions taken to specific individuals, as well as real-time logging and session recording, make it easier to proactively alert security teams to issues and conduct forensic analysis. If questions arise about an individual's activities, it's a straightforward task to determine exactly what they did and when. Cloud computing introduces important new administrative systems that need to be controlled and monitored. While security breaches are bound to happen, a modern privileged identity management system can make sure you are in a position to appropriately investigate what happened and keep the fallout to a minimum.

More Stories By Dale R. Gardner

Dale R. Gardner is Director of Product Marketing at Xceedium. He's developed and launched multiple network, systems, and security management products for the enterprise market. A former META Group analyst, he started his career as a programmer and networking specialist.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Providing secure, mobile access to sensitive data sets is a critical element in realizing the full potential of cloud computing. However, large data caches remain inaccessible to edge devices for reasons of security, size, format or limited viewing capabilities. Medical imaging, computer aided design and seismic interpretation are just a few examples of industries facing this challenge. Rather than fighting for incremental gains by pulling these datasets to edge devices, we need to embrace the i...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walked through how Octob...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
SYS-CON Events announced today that Catchpoint, a leading digital experience intelligence company, has been named “Silver Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Catchpoint Systems is a leading Digital Performance Analytics company that provides unparalleled insight into your customer-critical services to help you consistently deliver an amazing customer experience. Designed for digital business, C...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and E...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, discussed the best practices that will ensure a successful smart city journey.