Kindle Notes & Highlights
Current trends in the mobile platform space indicate attackers are most interested in stealing personal data. This trend is partly due to the increasing use of smartphones for financial and banking transactions, which provides new opportunities for identity thieves and other criminal
Techniques for hiding messages within images have been used within the security realm since long before the invention of information technology.
Search poisoning has also become a common method.
As Mustaque Ahamad, director of Georgia Tech Information Security Center, noted recently (2011), “We continue to witness cyber attacks of unprecedented sophistication and reach, demonstrating that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises, and ordinary citizens.” Yet, as we try to make sense of the deluge of news about attacks and vulnerabilities, it’s essential to retain a sense of perspective. Most threats do not take place using exotic, obscure methods. Instead, they take the path of least resistance,
For all organizations, some level of compromise is inevitable, making defense in depth as essential as ever. Losers ignore the trends.
An organization’s ability to learn, and translate that learning into action rapidly, is the ultimate competitive advantage. —Jack Welch
We need a more agile security architecture that can quickly learn and adapt to new challenges as they emerge.
Because the environment is changing so quickly, in ways we cannot control, it’s impossible to predict all the future challenges we’ll need to face.
We need an architecture that can learn to manage wh...
A learning system is harder to defeat because it can more quickly adapt in response to new attacks.
delivered results by helping us provide innovative solutions to challenging use cases while actually reducing risk.
(Ben-Shalom et al. 2011, Sunderland and Chandramouly 2011, Gutierrez et al. 2012),
A key aspect of the architecture is that it provides more flexible, dynamic, and granular security controls than tradi...
We can provide users with different levels of access depending on factors such as the devices they ...
the technology dynamically adjusts a user’s access privileges as the ...
The new architecture greatly improves threat management.
collective intelligence that we can use to learn, adapt, and evolve.
assumes that compromise is inevitable and focuses heavily on survivability.
We are applying security monitoring and business intelligence to analyze patterns of behavior and detect anomalies that are symptoms of attacks.
automatically taking corrective action where it makes sense to do so.
consumerization is a major IT theme with ever-broadening impact. It includes several trends, including the adoption of new applications and support for consumer devices.
Greater security and manageability means that IT can place greater trust in the device and provide a correspondingly greater level of access to enterprise resources.
We need a security architecture that enables us to more quickly support new devices and provide access to a greater range of applications and data, without increasing risk. We need to be able to dynamically adjust the levels of access we provide and the monitoring we perform, depending on the security controls of the client device.
In general, we need to quickly provide new users access while minimizing risk and providing selective, controlled access only to the resources they need.
Securing access to cloud-based services presents challenges that aren’t easily addressed using conventional security controls.
In cloud environments, systems and their data are virtualized and may migrate dynamically to different network locations.
This makes it difficult to effectively restrict access using traditional security controls such as firewalls, which rely on fixed locations of systems and a more static nature of the data. We need much more granular and dynamic controls that are linked ...
assume that compromise is inevitable.
Traditional enterprise security architectures have relied largely on preventative controls such as firewalls located at the network perimeter.
our primary focus has shifted to providing controlled access to a broader range of users and devices, rather...
we need tools that increase the ability to survive and recover once attackers have gained access to the environment.
The growing emphasis on privacy requirements and the increasingly complex regulatory environment have many implications for the way we manage information. Some regulations create the need for more control over where information is stored and require specific levels of protection and tracking. Our architecture must provide this assurance, allowing us to build a high-security environment and access controls appropriate for the protection of highly regulated information.
The architecture should enable us to more quickly adopt new devices, use models, and capabilities; provide security across an increasingly complex environment; and adapt to a changing threat landscape.
Key goals include helping increase employee productivity while supporting new business requirements and technology trends, including IT consumerization, cloud computing, and access by a broader range of users. At the same time, the architecture is designed to reduce our attack surface and improve survivability—even as the threat landscape grows in complexity and maliciousness.
With this traditional model, a user is in general either granted or denied access to all resources; once granted, the level of access remains constant. The new architecture replaces this with a dynamic, multitiered trust model that exercises more fine-grained control over identity and access control, including access to specific resources. This means that for an individual user, the level of access provided may vary dynamically over time, depending on a variety of factors—such as whether the user is accessing the network from a highly secure managed device or an untrusted unmanaged device.
The architecture’s flexibility allows us to take advantage of trust that’s built into devices at a hardware level, as well as trust in applications and services. Increasingly, devices will include hardware-enforced security designed to ensure the integrity of the applications and data on the device.
The architecture is based on four cornerstones: Trust Calculation. This unique element of the architecture handles user identity and access management, dynamically determining whether a user should be granted access to specific resources and, if so, what type of access should be granted. The calculation is based on factors such as the user’s client device and location, the type of resources requested, and the security controls that are available. Security Zones. The infrastructure is divided into multiple security zones that provide different levels of protection. These range from trusted
The calculation enables us to dynamically adjust users’ levels of access, depending on factors such as the devices and networks they are currently using.
These zones host data and services (or the interfaces to them) that can be exposed to untrusted entities.
We expect to provide this controlled access using application proxies.
the new security model requires that we balance preventative controls with detective (monitoring) and corrective controls, for several reasons.
the focus of the new model is on enabling and controlling access from a wider range of users and devices, rather than on preventing access. Second, the continually changing threat landscape makes it necessary to assume that compromise will occur; all preventative controls will eventually fail. Once attackers have gained access to the environment, the preventative controls they have bypassed are worthless. By increasing the use of detective controls and implementing more aggressive corrective controls, we can mitigate the risk of allowing broader access. These
Security business intelligence is a key technology that we can use to detect suspicious behavior as the environment becomes more complex and attackers become more adept at concealing compromises.
we can use security business intelligence—analysis and correlation of data gathered by monitoring—to analyze patterns of behavior.
The system allows access to specific documents but tracks the activity.
Additional monitoring of those systems is automatically enabled.
The new architecture therefore expands our defenses to two additional perimeters: the data itself and the users who have access to the data.
Important data should be protected at all times—when it is created, stored, and transmitted.
This becomes increasingly challenging as we move data to more and more devices and let more people access it.