Android devices recently suffered a spate of attacks. Similar attacks have been made against Apple devices and nearly every other brand of smart device. Does this mean that this is the end of Android or of mobile devices? Or does this mark the rise of mobile device management (MDM) and other software specifically designed to secure end user computing (EUC) devices? EUC security has two failure points: the handheld device and further in the network. But does an insecure device imply loss of data? Perhaps. Loss of credentials? Once more, perhaps. But do we really care? That is not known. So, let us look at a typical use case.
Articles Tagged with Identity
It was all over the web on June 18: Code Spaces went off the air, as we discussed during the Virtualization Security Podcast on 6/19. The reasons are fairly normal in the world of IT and the cloud. They were hacked. Not by subverting the Amazon cloud, but in ways considered more traditional—even mundane. An account password was discovered, either by hacking using one of the seven SSL attacks that exist today or by guessing with the help of inside knowledge gained through social engineering. However the account was hacked, the damage was total. While we may all ask why Code Spaces was attacked, we may never know the answer. Nevertheless, in general such attacks are all about the Benjamins. What lessons can we learn about this attack? How can we improve our usage of clouds to protect our own data, systems, and more from similar attacks?
In the past we have discussed the various aspects of the secure hybrid cloud, ranging from the data center through a transition stage and finally to and from the cloud. Unfortunately, picking just one security solution, or even one family of solutions, does not work, so we need to start thinking outside the box and pick the best based on our needs, which cover compliance as well as security. So how do we pick a security solution based on our needs?
HyTrust released version 3.5 of their virtualization security proxy and compliance tool. This tool is core to a growing ecosystem of partners and systems. HyTrust has also expanded its role within the secure hybrid cloud by covering more of what is traditionally part of the data center. HyTrust is a proxy that sits between an administrator and sensitive systems by providing both advanced role-based access controls and advanced logging. With HyTrust fronting your VMware vSphere environment, HP ILO, Cisco UCS UIM, and Nexus Switches, administrators gain a fine-grained level of control over actions, improved logging in these environments, and the ability to vault critical passwords. With HyTrust there is no need to share passwords, but there is a need for robust control of an Active Directory environment.
When it comes to the secure hybrid cloud, Identity has many different definitions from a device a user is using to the combination device, location, password, and other multi-factor authentication means. Even with all the technology there is still the question of where the identity store lives (the bits that contain the identity for all users, devices, etc.) as well as how do you prove identity once the user goes somewhere within the cloud which is outside your control?