Welcome!

Cloud Security Authors: Allwyn Sequeira, Pat Romanski, Liz McMillan, Jim Hansen, Peter Silva

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, @BigDataExpo, SDN Journal

@CloudExpo: Article

2014 Trends – The Year of the Insider Threat

As more and more organizations are adopting cloud strategies, there is now an added layer of complexity and sophistication

If last year underscored anything, it was the significant and far-reaching impact of breaches by trusted insiders - case in point, the Edward Snowden affair. What makes this such a critical trend for 2014 is the fact that as more and more organizations are adopting cloud strategies, there is now an added layer of complexity and sophistication when it comes to protecting who can access what types of sensitive data. The cloud makes it easier for organizations to conduct business, but that simplicity also translates into easier ways for insiders or un-trusted individuals to steal data - identity has become the new perimeter.

The number of organizations around the globe turning to a combination of traditional computing, virtualization, and public-cloud infrastructure to deliver business applications quickly, efficiently, and cost effectively is growing exponentially. As they migrate systems to the cloud, or leverage the scalability and elasticity of cloud computing to deliver entirely new applications, they can run headlong into security and compliance issues that must be solved to protect systems and make auditors happy. In addition to protecting privileged access to servers and network gear, virtualization and cloud computing add important new items that need to be locked down. First, organizations need to protect virtualization and cloud management consoles that provide unprecedented administrative power to create, configure, delete and copy network and server resources. Second, organizations must ensure the cloud management application programming interfaces (APIs) that transfer enormous administrative power to scripts, programs and DevOps tools are adequately controlled. Companies that want to ensure their data remains safe regardless of whether it is in a traditional database, in the cloud, or some variation of both, now need to seriously consider the security ramifications of having a lax privileged user policy - especially in an era where a few clicks of the mouse in the console, or a few commands in a script can wreak havoc.

The Snowden breach is a perfect example of the ramifications organizations typically overlook when they consider the negatives of a breach. According to different reports, the NSA has spent millions of dollars replacing software and hardware systems to mitigate the risk of undetected compromises on resources to which Snowden had access. These sorts of costs - forensic analysis, re-imaging, and repairing or replacing compromised systems - are frequently overlooked when assessing the potential value of privileged identity management programs. Harder to measure are the impacts arising from the disclosure or theft of sensitive and confidential information. Not to mention the potential for embarrassment and loss of trust from essential stakeholders including partners, customers, and others.

Another factor we see catapulting privileged users and insider threats as a key trend in 2014 is the increased attention toward regulations and compliance. Regulators are extending security and privacy mandates to cover the risks posed by privileged users and administrative accounts. High-profile insider breaches (e.g., Snowden, Wikileaks), plus increasingly advanced spearfishing and APT-based attacks, have heightened regulator and auditor attention to privileged user threats. And there are specific regulations that apply to specific industries. Some of the regulations include penalties for non-compliance, and many of these mandates continue to be updated to contend with the latest threats. A good number of them have been updated with specific requirements relevant to privileged identity management.

Privileged identity management protects organizations from the risks privileged users pose to systems and data. Privileged users - people like systems administrators, contractors, and third-party vendors - have routine access to the most sensitive IT resources. It's no wonder studies consistently show the largest and most damaging breaches are often traced to these individuals. Privileged identity management software supports and enforces the policies and controls needed to mitigate risks created by privileged users, those with elevated rights and access to administrative accounts, credentials, and systems.

Privileged identity management isn't just about privileged identities, though being able to positively identify powerful users and vault and manage their passwords is a key part of the equation. Next generation privileged identity management platforms also control, monitor and audit privileged users, ensuring they can access only explicitly authorized resources. Comprehensive privileged identity management tools also record privileged sessions so you know exactly what happens during each session - and you can prove it to your auditor. These tools also enable you to lock down virtual and cloud "super-user" administrative consoles, such as VMware's vCenter Server and the Amazon Web Services Management Console.

The fallout of the NSA/Snowden leak and other "insider threat" and "privileged user" incidents has significantly broadened interest in privileged identity management tools, and we expect that to only increase as cloud and virtual technologies continue to evolve. Inbound inquires to Xceedium, and likely other PIM vendors, have increased beyond the usual suspects, such as the traditional security leaders in banking and financial services or organizations with critical infrastructure and those other markets governed by strict security regulations. We're now seeing a big increase in interest across numerous industries and geographic regions.

As insider threats continue to shine a light on the need for next generation privileged identity management solutions, the important thing to remember is to focus on solutions that go beyond simple password management. The ability to attribute actions taken to specific individuals, as well as real-time logging and session recording, make it easier to proactively alert security teams to issues and conduct forensic analysis. If questions arise about an individual's activities, it's a straightforward task to determine exactly what they did and when. Cloud computing introduces important new administrative systems that need to be controlled and monitored. While security breaches are bound to happen, a modern privileged identity management system can make sure you are in a position to appropriately investigate what happened and keep the fallout to a minimum.

More Stories By Dale R. Gardner

Dale R. Gardner is Director of Product Marketing at Xceedium. He's developed and launched multiple network, systems, and security management products for the enterprise market. A former META Group analyst, he started his career as a programmer and networking specialist.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
"Operations is sort of the maturation of cloud utilization and the move to the cloud," explained Steve Anderson, Product Manager for BMC’s Cloud Lifecycle Management, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"I think that everyone recognizes that for IoT to really realize its full potential and value that it is about creating ecosystems and marketplaces and that no single vendor is able to support what is required," explained Esmeralda Swartz, VP, Marketing Enterprise and Cloud at Ericsson, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change the...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
SYS-CON Events announced today that IoT Now has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it m...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From ...
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry’s single source for the cloud. Fusion’s advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including cloud...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settle...