As some of you may or may not know, I have a book that is coming out next month on the Zero Trust Framework. It deals with the topic of Quantum Physics, and how it can be used in this respect.
I also just recently signed the book contract for another one, and this will deal specifically with how to deploy the Zero Trust Framework into Microsoft Azure.
As you probably know as well, Azure is one of the Cloud deployment juggernauts, along with the likes of AWS and Google Private Cloud. A key component of Azure is what is known as the “Azure Active Directory”, or the “AAD” for short.
Long story short, this is where all of the employee groups and profiles are stored, in an effort to streamline the permissions, rights, and privileging process. Now, I am far from being an expert on Azure, but I do know that from the standpoint of Cybersecurity, this has always been a favored target to prey upon.
Unfortunately, there are many avenues through which a Cyberattacker can enter the AAD in a covert fashion, and this leaves many IT Security teams scratching their heads trying to figure out how to best protect their infrastructure. Probably one of the best ways to do this is to see what is most at risk for you, based upon what your security requirements are. These are also known as the “Tier Zero Assets”.
So what are some of these that you should include in your list? The following is a sampling of what you should consider:
1) Focus on the Domain Control Groups:
This simply means to focus your attention on those objects in the AAD that have control over mission critical domains. This does not necessarily mean a domain in the sense of one that you register, but rather, a domain is a main classification. For example, you can designate your accounting department as a domain, and all of the employee profiles that you put into this category would become known as the “Objects”. This is the level at which you will also find super user privileges, which are the “Privileged Accounts”. So as you can see, looking at and carefully scrutinizing these domain control groups should become of prime importance.
2) Look at the mission critical processes:
Remember, it is not all about your employees. Some of your important processes could also be contained in your AAD infrastructure. For example, these could include any computing resources that are stored On Prem or in your Azure account. Here are some examples of what I am talking about:
*Root Certificate Authorities
*The Azure Active Federation Services
*Azure Active Directory Connect Services
*Any other Privileged Access Management tool that you make use of, such as those offerings from CyberArk
But keep in mind that the above is not an all-inclusive list. There are other so-called objects that could be important to your business as well, and this is where conducting an all-encompassing Risk Assessment will come into play.
3) Automation:
At the present time, automation is a big buzzword in Cyber. With this in mind also comes the usage of AI and ML tools. This is starting to become a big trend today, especially with the ChatGPT software platform that has come out from OpenAI. To keep up with all of this, all of the major Cloud providers are planning to offer their own version of this, and are developing new tools that can be accessed and deployed within a matter of minutes. In this regard, the automation of code execution processes becomes popular, given the fact that a business could have hundreds or thousands of them to run on a daily basis.
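One way to turn the three areas above into an actual Tier Zero list is sketched below. This is an added example, not code from this post or from Microsoft: the inventory, the field names and the "controls" relationships are all constructed for illustration. It goes one step beyond the list by also pulling in anything that has control over a Tier Zero object, such as an automation job or the people who can edit it.

```python
from collections import deque

# Seed categories taken from the list above (kind labels are hypothetical).
SEED_KINDS = {"domain_control_group", "root_ca", "federation_service",
              "directory_sync", "pam_tool"}

# Constructed sample inventory: object name -> kind.
INVENTORY = {
    "Accounting-Domain-Admins": "domain_control_group",
    "Corp-Root-CA": "root_ca",
    "Federation-Farm": "federation_service",
    "AAD-Connect-Server": "directory_sync",
    "PAM-Vault": "pam_tool",
    "alice.admin": "user",
    "bob.helpdesk": "user",
    "carol.clerk": "user",
    "nightly-sync-runbook": "automation",
    "report-runbook": "automation",
    "Helpdesk-Operators": "group",
}

# Constructed control relationships: (controller, controlled object).
CONTROLS = [
    ("alice.admin", "Accounting-Domain-Admins"),     # group member
    ("nightly-sync-runbook", "AAD-Connect-Server"),  # job runs on the server
    ("Helpdesk-Operators", "nightly-sync-runbook"),  # group can edit the job
    ("bob.helpdesk", "Helpdesk-Operators"),          # group member
    ("carol.clerk", "report-runbook"),               # job touches nothing critical
]

def tier_zero(inventory, controls):
    """Return {object: reason} for seed objects plus everything that controls them."""
    controllers = {}
    for src, dst in controls:
        controllers.setdefault(dst, []).append(src)
    result = {n: f"seed:{k}" for n, k in inventory.items() if k in SEED_KINDS}
    queue = deque(result)
    while queue:  # walk the control relationships backwards from each seed
        target = queue.popleft()
        for src in controllers.get(target, []):
            if src not in result:
                result[src] = f"controls:{target}"
                queue.append(src)
    return result

if __name__ == "__main__":
    for name, reason in sorted(tier_zero(INVENTORY, CONTROLS).items()):
        print(f"{name:28} {reason}")
```

Note that bob.helpdesk ends up on the list even though he holds no privileged role himself, because his group can edit a job that runs on a Tier Zero server.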
My Thoughts On This:
As I have mentioned, what I have provided here is by no means an exhaustive list; rather, it is just to give you an idea of what to look for as you further try to protect your AAD infrastructure. Also keep in mind that depending upon the size of your business, an AAD infrastructure can become quite complex.
Therefore, it is important that your IT Security team, or even the IT Department, try to streamline it as much as possible to better protect it.
Also, it is important that you come up with a plan of attack as to how you are going to do this. Therefore, it is highly recommended that you do this in phases and steps, in order to make sure that no mistakes are made and nothing is overlooked in the end.
A great place to use as a resource is the “Enterprise Access Model”. It spells out in greater detail what should be deemed as a “Zero Tier” Asset. It can be downloaded at this link: