Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/26/2018
10:30 AM
Tom Thomassen
Tom Thomassen
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Secure by Default Is Not What You Think

The traditional view of secure by default - which has largely been secure out of the box - is too narrow. To broaden your view, consider these three parameters.

Secure by default is not a new issue, but it is an ever-increasing challenge. That’s because enterprise environments continue to become more complex as IT capabilities increase and the sheer volume of data grows exponentially. Technology stacks have many moving parts, with a lot of unique dependencies and requirements.

In this world, the traditional view of secure by default — which has largely been secure out of the box — is too narrow. Instead, secure by default today is no less than an entire ecosystem of moving parts aligned to the same goal. In fact, it is not really possible to build a product that’s secure out of the box. For secure by default to truly reach its potential, customers who use that product must be able to securely develop and deploy solutions for it.

To broaden a view of secure by default, consider these three parameters:

1. How you build it: Products and applications need to be built with security in mind — from the beginning. This means best practices and rigorous processes need to be followed. For instance, penetration testing can mimic real-world attacks that circumvent security controls. Threat modeling can model IT systems and software to understand potential threats, categorize possible impact, and then mitigate vulnerabilities. Code reviews ensure use of current versions of standard libraries and appropriate cryptography. Developers need to understand secure coding and adhere to coding best practices.

2. How and what you do when you install it: Once a product is built to be secure by default, it still needs to remain that way once deployed in its environment, which is increasingly complex and interconnected. That’s why the first responder — the person installing the product, application, or database — is evermore important. To keep the organization and users safe, the first responder needs to apply general principles, such as configuring controls to be secure as possible, enabling encryption at rest and SSL/TLS secure communication channels, restricting access to applications or data only to those people who need it, and requiring authentication that relies on trusted identity sources. Certificate or key-based authentication also are considerations.

General principles can guide administrators, yet one size does not fit all. Administrators also have to tailor approaches to specific environments. What banks need from their databases, applications, and other technologies, for instance, is different from what oil companies or intelligence agencies need. Whatever the industry, someone needs to watch the whole picture. For instance, a database sits between an application above it and an operating system below it. A network brings them all together. Each one of those layers has to do something appropriate for that layer in terms of security. But if one layer is not secure, there’s potential for a failure of the weakest link to compromise the entire system.

Another test of secure by default at the installation level is whether the end user needs specific technical understanding to securely use an application or database. If he does, the administrator has more work to do.

3. What policies and governance are set up: Data management policies need to be continually enforced to protect an enterprise’s most valuable asset: its data. These policies govern data and validate data provenance, where the data came from, as well as when, how, and if it was changed, and by whom. Data policies also need to follow the data, no matter where it goes. This will ensure that safeguards such as encryption and access controls remain in place.

Separation of duties is also key. The system administrator, who controls the server, should not have access to the database, while the database person should not have access to security controls, and vice versa. By having a separation of duties, no one role can compromise the system.

Throughout the Enterprise
Secure by default still means having the best security possible without users even knowing that it is there. But the pace of data breaches continues to indicate that enterprises have a long way to go to achieve secure by default throughout their ecosystems of technologies.

By broadening the view of what secure by default entails, enterprises will be more likely to build systems that are secure top to bottom. This requires involving humans even more in the oversight and administration to make sure that secure by default extends throughout the enterprise.

After all, when it comes to security, the old adage is really true: You are only as strong as your weakest link.

Related Content:

Why Cybercriminals Attack: A DARK READING VIRTUAL EVENT Wednesday, June 27. Industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. Go here for more information on this free event.

Tom Thomassen is a senior staff engineer of security at MarkLogic. He is responsible for helping identify and implement secure development practices into the company engineering process, educating the team on security best practices, monitoring and responding to changes in ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29430
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it mak...
CVE-2021-29431
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform a...
CVE-2021-29432
PUBLISHED: 2021-04-15
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
CVE-2021-29447
PUBLISHED: 2021-04-15
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has be...
CVE-2021-30245
PUBLISHED: 2021-04-15
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to ...