BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

AFITC 2010

Posted August 31, 2010    Morey Haber

If your organization has never considered, or taken, IT security seriously, a keynote speech given by Maj. Gen. Richard Webbers at the Air Force Information Technology Conference 2010  in Montgomery, AL would have certainly changed your mind. The General went through a brief history of the 24th Air Command, its role in supporting cyber threats, and how this new division is combating modern threats to our military’s infrastructure. Even though the conference is closed to the general public, his speech defined how seriously the Air Force and United States Government are taking the concept of cyber intelligence and cyber-attacks. For the US Air Force, this command represents an entire division focused on protecting Air Force information technology and providing a consolidated technology forum for the cyber war fighter. His speech outlined the amount of dedicated resources to combat the problem and was justification alone to anyone on how seriously the Government is taking the threat of cyber threats. If the government is taking IT security this seriously, shouldn’t most organizations at least bring attention to their own security problems? His speech was a blunt reminder that we all need to consider security for our computing devices.

I have heard grumblings through the media that we will soon run out of IPv4 addresses. A second keynote from Dr. Tom Leighton, Co-Founder and Chief Scientist for Akamai confirmed this in the most unusual way. He indicated that companies that own large quantities of IPv4 addresses, that are commercially “inexpensive” to acquire, are being purchased by third parties just for their IPv4 addresses and nothing related to their business or technology. Amazing that we have come down to this.

In addition, the second part of Dr. Leighton’s presentation focused on how data is cached in the cloud via Akamai servers verses direct connections from every source to every web service. With the limitations of IPv4 and now only the emergence of IPv6, Akamai developed their own proprietary address schemes and routing protocols to manage the caching of data in the cloud. In essence, Akamai provides cloud services of their own in the cloud that are completely transparent to virtually everyone. In watching his demonstration on security threats to Akamai’s network, it became apparently clear the threats to the cloud will not necessary benefit from IPv6 (yes there will be some), but even IPv4 installation of cloud services could learn some lessons from Akamai’s infrastructure:

• Keep your cloud (and data center) operational communications “out of view” from normal traffic
• Never allow a single point of failure (not even a cable) to allow for your infrastructure to fault
• When possible, distribute components of the workload with redundancy.

Realistically this is cost prohibited for most applications and businesses, but as lessons learned goes, Akamai has succeed in making the internet “always” available even when outages and cyber attacks occur using this strategy. I hope many emerging cloud service vendors look at companies like Akamai and learn from their infrastructure and management of security threats.

So, after a long day at AFTIC 2010, it has become apparent that even the most basic IT services take security and vulnerabilities very seriously. Vendors and the Air Force recognize the importance of building security into every process and every piece of technology deployed. It is my hope that everyone takes a piece of this to their homes and businesses and learn that protections as simple as passwords can protect against even some of the most basic cyber threats.

Tags:
, , , , ,

Leave a Reply

Additional articles

beyond-trust

PowerBroker for Windows – Most Innovative IAM Solution by Cyber Defense Magazine

Posted April 21, 2015    Scott Lang

PowerBroker for Windows has been selected as a winner by the 2015 Cyber Defense Magazine Awards Program in the category of “Most Innovative Identity and Access Management Solution”.

Tags:
, , ,
pbps-customer-campaign-image

Are you changing your passwords as often as the weather changes?

Posted April 20, 2015    Scott Lang

There is one thing that should change more frequently than the weather: Your privileged passwords. Why? If you’re like more than 25% of companies out there, then your current IT environment contains unmanaged accounts putting you at risk of data breaches and compliance violations, and you don’t have a process to control those accounts.

Tags:
, , , ,
webinar1

On Demand Webinar: Advanced Windows Tracing

Posted April 17, 2015    BeyondTrust Software

Webinar: Security MVP, Paula Januszkiewicz, shows Windows administrators how to be more aware of what happens whenever somebody does something within the system.

Tags:
, ,