When security fails
A recent headline in Wired magazine read “Uber Hack’s Devastation Is Just Starting to Reveal Itself.” No corporation wants that headline, or the reputational damage and financial loss it may cause. In Uber’s case it was a relatively simple attack using an approach called Multi-Factor Authentication (MFA) fatigue. This targets authentication systems that require account owners to approve each login: overwhelmed by a large number of approval notifications, the account owner eventually approves them blindly. This simple attack was carried out by an 18-year-old, and the consequences, though still being assessed, have already proved devastating for Uber’s reputation. No organization wants its private data and algorithms exposed to the world. No company wants its brand to be newsworthy because its own and its customers’ deeply sensitive data was exposed.
In a recent survey by the Cloud Security Alliance (CSA), it was reported that almost 60% of respondents experienced cloud security breaches in the past 12 months. The top three causes of these breaches were found to be misconfiguration, inadequate identity and access management, and malicious insiders. How do you mitigate your risk against these threats, considering that threat horizons scale across one or more cloud environments?
Don’t accept failure
As the articles above show, strong security controls throughout the cloud environment must include both technical and organizational measures, such as least privilege, segregation of duties, and data classification. CDP One, Cloudera’s turnkey SaaS offering, exemplifies this approach.
Privileged identity management
Many organizations operate cloud data lakes, which are complex analytical environments that require expertise, planning, and discipline to secure effectively. How does Cloudera secure CDP One to give customers confidence that their data and algorithms are protected from the many forms of attack? How does it guarantee isolation of security functions so that functions and changes can be applied with least-privileged access?
This is how.
Security always starts with making sure that your first line of defense is robust. Then other types of sophisticated tools and approaches are layered in.
Robustness comes in the form of security isolation as the first line of defense in protecting your cloud investment. CDP One achieves this by ensuring that users cannot access what they shouldn’t. Examples of what this prevents include a developer inadvertently changing a sensitive resource or a malicious actor gaining administrator privileges.
Privileged identity management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on critical resources. For instance, Cloudera operations personnel do not have access to security functions, as this would enable them to increase their level of access or make themselves an administrator, giving them authority they wouldn’t otherwise have. They only have the access that is required for the immediate task at hand and for a set time limit. Also, manager approvals are required to gain any privileged access before any resource is made available to the requestor, adding an additional layer of control.
Microsoft reports that effective privileged identity management, multifactor authentication, and conditional access together guard against 99.9% of all cybersecurity attacks. CDP One implements that model along with proprietary enhancements that verify the identity of the user on top of MFA, increasing security and preventing “MFA fatigue” attacks.
But privileged identity management is only the first line of defense in a comprehensive solution. There also needs to be a justification for why someone requires elevated access, notifications when privileged roles are activated, access reviews to confirm that users still require their roles, prevention of the removal of the last active global administrator, and an audit history for internal and external auditing purposes. As described below, all these features together allow Cloudera to comprehensively manage, control, and monitor access to your resources while maintaining the highest level of protection.
The jump host
While privileged identity management is the linchpin of maintaining a high level of security, CDP One has multiple additional layers of security, each providing its own protection. Since CDP One is driven by automation, an end user never requires direct access to the underlying infrastructure. However, there are cases in which a Cloudera operations engineer might need to access a log file or application configuration during troubleshooting.
This is where a jump host comes in. The purpose of a jump host is to provide a way to access systems in a highly controlled environment that can be audited and monitored. A jump host on CDP One is a hardened instance with very specific capabilities including no external access, virus protection, and additional types of security.
Jump host access is something a user must request before being granted permission to reach a resource. An approval process governs the granting of permissions to the relevant resources before anyone can connect to an instance. Once access to a resource is granted, it is time-bound: the authorization lasts as little as 15 minutes or as long as eight hours, and it is never indefinite. Additionally, every interaction is logged and audited for potential issues.
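The privileged identity management and jump host sections above describe the same control pattern: a justified request, approval by someone other than the requestor, a grant that expires within a fixed window, an audit trail, and protection of the last global administrator. The following is an added example that models that pattern; it is not Cloudera’s code, and the class names, the audit format, and the in-memory store are constructed here for illustration (the 15-minute and eight-hour bounds come from the article).

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Set, Tuple

# Bounds taken from the article: a grant lasts at least 15 minutes, at most 8 hours.
MIN_GRANT = timedelta(minutes=15)
MAX_GRANT = timedelta(hours=8)

@dataclass
class AccessRequest:
    user: str
    role: str
    justification: str  # why elevated access is needed
    duration: timedelta
    approver: Optional[str] = None
    expires_at: Optional[datetime] = None

@dataclass
class PrivilegedAccessManager:
    global_admins: Set[str]
    audit: List[str] = field(default_factory=list)  # audit history for reviewers
    active: Dict[Tuple[str, str], AccessRequest] = field(default_factory=dict)

    def request(self, user: str, role: str, justification: str, duration: timedelta) -> AccessRequest:
        if not justification.strip():
            raise ValueError("a justification is required")
        if not MIN_GRANT <= duration <= MAX_GRANT:
            raise ValueError("duration must be between 15 minutes and 8 hours")
        self.audit.append(f"REQUEST {user} {role} {duration} {justification!r}")
        return AccessRequest(user, role, justification, duration)

    def approve(self, req: AccessRequest, approver: str, now: datetime) -> None:
        # Segregation of duties: the requestor cannot approve their own access.
        if approver == req.user:
            raise PermissionError("requestor cannot approve their own access")
        req.approver, req.expires_at = approver, now + req.duration
        self.active[(req.user, req.role)] = req
        self.audit.append(f"ACTIVATE {req.user} {req.role} by {approver} until {req.expires_at}")

    def has_access(self, user: str, role: str, now: datetime) -> bool:
        # Access is never indefinite: it ends when the grant expires.
        req = self.active.get((user, role))
        return req is not None and req.expires_at is not None and now < req.expires_at

    def remove_global_admin(self, user: str) -> None:
        # Access review may remove admins, but never the last active one.
        if self.global_admins == {user}:
            raise PermissionError("cannot remove the last active global administrator")
        self.global_admins.discard(user)
```

A real deployment would back `active` and `audit` with a tamper-evident store and drive the notification and access-review steps from the audit entries.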
Multiple layers of security for protection
Privileged identity management and the jump host are critical security features, but there are multiple layers of additional security needed to protect your assets, including:
- Encryption for both data at rest and in motion, which is fundamental to data security.
- Cloud platform hardening to isolate and protect the cloud platform.
- Network perimeter controls that allow all traffic to be inspected and explicitly routed.
- Data loss prevention to ensure the integrity of the data.
- Compliance and incident response, which are the cornerstone of any security program for early detection and response.
- Log management and event analysis, using sophisticated software to detect anomalies.
- Authorization, which governs data and resource access.
- Host-based security as the last line of defense.
Each layer is responsible for a certain part of the security stack, but CDP One encompasses them all together to provide a robust security environment designed to protect your data assets.
Last line of defense
One of the most overlooked aspects of protecting your cloud environment is host-based security, the last line of defense. Host intrusion detection is a key component of it: an agent running on the host detects suspicious activity, based on either known threat signatures or behavioral anomalies, and alerts administrators to the unusual event. Cloudera applies machine learning algorithms to hybrid host-based intrusion detection, which, combined with signature-based or anomaly-based systems, offers even higher detection rates. Along with file integrity monitoring, log management, and other approaches, this gives CDP One a robust host-based security posture.
Reputation is everything
With our world-class proprietary security built into CDP One, we take securing access to your data and algorithms very seriously. We understand the criticality of protecting your business assets and the reputational risk you incur when security fails, and that is what drives us to have the best security in the business. This is why we have a dedicated team of security professionals who constantly monitor, improve, and secure your hosted CDP One environment to guarantee the security of your data.
Are you ready for your critical resources to be monitored all day, every day so that your assets are safe and secure?
Try CDP One, the first SaaS data lakehouse that delivers end-to-end, continuously automated security for your analytics in the cloud.