Author Topic: how do you control and monitor privileged access?  (Read 5039 times)

0 Members and 1 Guest are viewing this topic.

Offline Alline Cliff

  • Thread Starter
  • Posts: 24
how do you control and monitor privileged access?
« on: Wed, 07 June 2017, 09:21:41 »
In our company, only those seen as responsible can be trusted with “root” privileges like the ability to change system configurations, install software, change user accounts or access secure data. But from a security perspective, it never makes sense to unconditionally trust anyone. That’s why we still want to control and monitor even the trusted access. Can you share what your solution is to have a secure, streamlined way to authorize and monitor all privileged users for all relevant systems?

Offline nuclearsandwich

  • Posts: 752
  • Location: Santa Clara Valley, CA
Re: how do you control and monitor privileged access?
« Reply #1 on: Wed, 07 June 2017, 15:15:57 »
A good defense against misconfiguration or unintended production operation (i.e. accidentally dropping the production database instead of test database) is indirection.

I'm not the world's biggest fan of configuration tools like Puppet or Chef, but what I like is that exclusive use of configuration management with version control provides the same level of introspection, history tracking, and review to infrastructure configuration changes as version control does for software projects.

With some work config management can also help teams of 2-20 with machine access, privileged or otherwise. Storing ssh public keys in config management, one per team member or using something like locksmith or even LDAP to manage user access and keys means there's a paper trail of who has direct access to production systems and when.

There are situations where direct root access is necessary. Someone has to have the power to initiate configuration management when the system is brought up. And during operations incidents direct access may be required if the indirection layers are affected by the incident or the latency introduced by their use may be prohibitive.

Previous teams I've worked on allowed the development team to access production servers through a bastion host which, I expect, logs who accesses what.
In addition to good software protections having a culture that encourages "production buddies" (only access production when another team member can share your screen or sit behind you) can be really helpful in averting disaster because it puts two sets of eyes on production access.

Offline Blanched_Almond

  • Posts: 20
Re: how do you control and monitor privileged access?
« Reply #2 on: Thu, 15 June 2017, 08:09:24 »
A traditional web security scanner can't give a full assurance in securing a website but it can increase your site's protections or minimize the hacker's chances. A scan sensor can be more accurate because it can help you to identify more security holes. If you want you could go beyond security solutions. You can try reading about it online.

Offline algernon

  • Posts: 311
  • A tiny mouse, a hacker.
    • Diaries of a Madman
Re: how do you control and monitor privileged access?
« Reply #3 on: Thu, 15 June 2017, 08:31:09 »
We have no direct access to our systems, in general: everything goes through version control and configuration management. If for some reason, one needs direct access, that goes through the same process too.

The only exception is when the situation is so bad, that we can't go thorough the usual channels. Then we have at least two people do their stuff as a pair.

Offline Alline Cliff

  • Thread Starter
  • Posts: 24
Re: how do you control and monitor privileged access?
« Reply #4 on: Sun, 25 June 2017, 08:46:46 »
Thanks for the replies and this is appreciated.

I am actually looking into least privilege solutions which can control over all accessibility. Anyone who has used the tool or something similar to it? In terms of streamlining, is it not too strict ( managed flexibility) on the IT administrators point of view?

Offline TacticalCoder

  • Posts: 526
Re: how do you control and monitor privileged access?
« Reply #5 on: Sat, 09 September 2017, 06:21:32 »
...or access secure data.

Cannot help but...

Regarding access to secure data there's also the backup issue.  How are the backups done?  Are they encrypted?  If they're encrypted, how do you know the backups can actually be restored?  "Backups" that cannot be restored are a very real issue.  Encrypted backups that cannot be restored are even more problematic.

So what's the strategy there?  Without encryption on backups you typically cannot even know if "secure data" were accessed or not. At least for stuff that is "online" you can typically see who accessed what. Kinda. Sorta. But backups? It's a problem...

I know at least one very major european company (as in: market cap in the tens of billions of EUR), working in the IT sector, which is supposed to have encrypted backups but which doesn't bother with encryption. So backups are all in the clear... And several people can access these backups without anybody knowing.

When you see all the data leak that do occur, including the recent one where hundreds of millions of private data were stolen/exposed, you realize that very few do it right.

People don't take security seriously. Backups security even less so.
HHKB Pro JP (daily driver) -- HHKB Pro 2 -- Industrial IBM Model M 1395240-- NIB Cherry MX 5000 - IBM Model M 1391412 (Swiss QWERTZ) -- IBM Model M 1391403 (German QWERTZ) * 2 -- IBM Model M Ambra -- Black IBM Model M M13 -- IBM Model M 1391401 -- IBM Model M 139? ? ? *2 -- Dell AT102W -- Ergo (split) SmartBoard (white ALPS apparently)