Welcome!

@CloudExpo Authors: Elizabeth White, William Schmarzo, Liz McMillan, Stefan Bernbo, Yeshim Deniz

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Microsoft Cloud, Agile Computing, Cloud Security

@CloudExpo: Article

Proverb: When a Door Closes, Just Make Sure You Don't Leave a Window Open

Not every employee leaves a company with a gold watch and a handshake.

Earlier this month I attended a local cloud developers group, and I met a gentleman who consults with companies to engage in deep dive forensic examinations of their networks. He looks for the virtual fingerprints of misdeeds, fraud, and misdoings that can be used for e-discovery in legal cases. He essentially gets down to the bits and bytes of how much information flows to certain IP addresses to ascertain whether or not proprietary data has been tampered or stolen.

He confirmed something that I long believed to be true. One of the greatest threats to an organization comes from within. Not everyone who exits a company leaves with a handshake and a gold watch. Often time there are hard feelings; that the employer wronged the former employee and that employee will exact a matter of revenge or feel justified to extract some sort of perceived compensation. This includes everything from the outright theft of sales leads and databases, to accessing their company email account to send “nasty-grams” to customers and other employees, to malicious sabotage. I am aware of several specific incidents where someone knowingly introduced malware into the company network.

Now this isn’t meant for you to look sideways at the person sitting in the next cubicle. However, access policies  needs to be a part of any company’s  internal risk assessment and security policy.

One of the easiest ways to prevent the disgruntled employees is to bar their access. Seems straight-forward enough, right? If it were the case, it really wouldn’t continually rank as one of the top threats to networks. The problem is that there are so many moving parts to properly dismiss an employee.  Sure there’s someone watching them pack up their physical belongings and making sure they don’t leave a little goodbye gift on the network on their way out. But if the tap is left on, the employee can come in hours, days or weeks later and create unnecessary havoc.

And the more diverse the enterprise (multiple divisions, brands, franchises, etc…), the harder it is to keep tabs on the coming and going of legitimate employee access.

Case in point:  I know of a national enterprise that franchises their individual locations to independent operators. Each franchisee is free to hire and fire their own staffs. Every staff member has a corporate email account and is allotted certain access to corporately managed applications. So, we are talking thousands of employees with a large enough churn rate to raise some issues with corporate headquarters.

There is a definitive need to promote franchise autonomy while still assuring adherence to corporate access and usage policies. The quick answer is a policy of provisioning and de-provisioning. There are plenty of solutions that accomplish this. Identity management and access management is not a new concept…even via the cloud. The trick is to create an easy-to-use, cost effective process to create self-service that allows the franchisee to add new employees and automatically give them certain rights based on their role. Conversely, when an employee leaves the company, there must be an equally simple way to retire the account and prevent anyone from using that account to access corporate information.

The key word is automatically.

So before the termination paperwork reaches the headquarters in Fort Meyers, Florida, the franchise manager in Rhode Island or Honolulu can inactivate the employee’s access via self-service. With a single keystroke in the IDM solution and their access to email ceases; their ability to get on the network and access files is blocked; their accounts to every application is removed. Even if  a manager forgets, the central system can take steps to assess usage. If an account is dormant for 10 days or 3 weeks (examples not hard and fast rules), it is marked for inactivity and retired.

But bolting the door behind them, doesn’t mean they don’t know how to pick the lock. This is part of our cautionary tale that keeps the forensic investigator busy.

This is also where the benefit of unified security comes into play. You’ve used your IDM investment to remove the credentials, but that doesn’t mean the motivated insider won’t try. Because of continuous monitoring practices (in real time) you can generate alerts if anyone tries to access retired accounts, tries to change a password, or generates multiple login failures in a short period of time. A system that leverages IDM with SIEM and log management, not only receives the alert, but sees the IP address (and other identifying attributes) of who is attempting access.

Now for argument’s sake, let’s say they were particularly bright and used some shadow IT shenanigans to back door into your network. Real time monitoring will still catch the access attempt and also recognize if any proprietary asset is changed, downloaded or modified. In that it is real time and not simply logged, gives you a strong chance to repel or immediately respond to the attack. As I have said in several blogs, unless you have the budget, the IT sophistication and the resources, having all of these concurrent initiatives can be seen as a luxury—unless you package them as a security as a service platform from the cloud. The ability to leverage a variety of capabilities—have them “talk” to one another across multiple information silos, physical locations, various applications and divisions. When you can centralize them, it creates a unique advantage that strengthens your position to ensure  a former employee cannot take advantage of your sensitive data and proprietary assets.

And before I forget…make sure in your written employment policies you address BYOD. That way you retain the option/right to completely or partially wipe their personal devices upon termination of employment.

I’ll leave you with another old proverb: “The key that opens is also the key that locks.”

Kevin Nikkhoo
Auto-provisioner

Cloud Access

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
Cloud applications are seeing a deluge of requests to support the exploding advanced analytics market. “Open analytics” is the emerging strategy to deliver that data through an open data access layer, in the cloud, to be directly consumed by external analytics tools and popular programming languages. An increasing number of data engineers and data scientists use a variety of platforms and advanced analytics languages such as SAS, R, Python and Java, as well as frameworks such as Hadoop and Spark...
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, paneli...
"Loom is applying artificial intelligence and machine learning into the entire log analysis process, from start to finish and at the end you will get a human touch,” explained Sabo Taylor Diab, Vice President, Marketing at Loom Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing bes...
A look across the tech landscape at the disruptive technologies that are increasing in prominence and speculate as to which will be most impactful for communications – namely, AI and Cloud Computing. In his session at 20th Cloud Expo, Curtis Peterson, VP of Operations at RingCentral, highlighted the current challenges of these transformative technologies and shared strategies for preparing your organization for these changes. This “view from the top” outlined the latest trends and developments i...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Join us at Cloud Expo June 6-8 to find out how to securely connect your cloud app to any cloud or on-premises data source – without complex firewall changes. More users are demanding access to on-premises data from their cloud applications. It’s no longer a “nice-to-have” but an important differentiator that drives competitive advantages. It’s the new “must have” in the hybrid era. Users want capabilities that give them a unified view of the data to get closer to customers and grow business. The...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
"When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...