Design for Security : Applying a Layered Approach

With varying work styles and bring-your-own-device (BYOD) culture on the rise, organizations have concerns on how they can secure their sensitive data from malicious intent. Security is an integral aspect of any architecture. Data breaches can be significantly costly, ruin company’s reputation, result in a job loses and have a long-term effect on consumer trust. Organizations today have to support access to data and services from both inside and outside the corporate firewall.

Adopt Zero Trust Model

Zero Trust is an information security framework which states that organizations should not trust any entity inside or outside of their perimeter at any time but, instead, continually validate trust. In most organizations, it is assumed that every user, data and device inside a network is trustworthy and cleared for access. The vulnerability with this is that once the unauthorized user or attacker has access to a network, they can have access to everything within the network.

Adopt a layered approach using Security in Depth

Security in-depth is a strategy that involves the use of multiple rings or layers of security. The idea is to slow down the attacker from obtaining unauthorized information and provide notifications based on telemetry that can be acted upon. Each layer provides protection from being breached by decreasing the unauthorized chance of success.

Data

Data is the most valuable asset of any organization. Regardless of any legal or regulatory requirements, it is in a business’ best interest to ensure protection, confidentiality, availability and integrity of the data.

In most cases, an organization’s data is stored in cloud storage, along with attached disks on virtual machines, databases, tapes, email productivity and SaaS applications. In a cloud shared responsibility model, it is the organization’s responsibility to ensure that  proper access, security and compliance needs are met.

Applications

Applications and the data associated with them ultimately act as the primary store of business value on a cloud platform. It is important that the security team reduces the count and potential severity of security bugs in its application by implementing security practices and tools during the development lifecycle.

For each of the application or components, you should be answering these questions:

• Are you authenticating connections using Azure AD, TLS (with mutual authentication), or another modern security protocol approved by your security team? This protects against unauthorized access to the application and data:
  • Between users and the application (if applicable)
  • Between different application components and services (if applicable)
• Do you limit which accounts have access to write or modify data in the application to only those required to do so? This reduces risk of unauthorized data tampering/alteration.
• Is the application activity logged and fed into a Security Information and Event Management (SIEM) via Azure Monitor or a similar solution? This helps the security team detect attacks and quickly investigate them.
• Is business-critical data protected with encryption that has been approved by the security team? This helps protect against unauthorized copying of data while at rest.
• Is inbound and outbound network traffic encrypted using TLS? This helps protect against unauthorized copying of data while in transit.
• Does the application store any sign in credentials or keys to access other applications, databases, or services? This helps identify whether an attack can use your application to attack other systems.

Compute

Access to virtual machines should be secure. You can use the update management solution in Azure or any other update management solution to manage system updates for your windows and Linux machines either on Azure or your on-premises environments.  With update management in place, you can quickly assess the status of available updates, schedule installation of required updates, review deployment results, and create alert to verify that updates applied successfully. This layer focuses on making sure that the compute resources are highly secured and that proper privileges are given to avoid business risk of an attacker causing damage.

Network

The network layer focuses on using strong network controls, logically segmenting subnets of the virtual networks, avoiding to assign allow rules with broad ranges,  using network security groups to protect against unsolicited traffic into your Azure subnets, implementing secure connectivity to on-premises networks, giving the least required access and ensuring a firewall instance is in place to filter and inspect any type of traffic in egress and ingress.

Perimeter

At the network perimeter, it’s about protecting from network-based attacks against your resources. A key question to ask here is :

• Is the application protected against Distributed Denial of Service (DDoS) attacks using services like Azure DDoS protection, Akamai, or similar? This protects against attacks designed to overload the application so it can’t be used.

Using Azure DDoS or any related solution will filter large-scale attacks from happening before they can cause a denial of service to the end users.

Identity & Access

This layer focuses on giving the proper access and privilege to what is needed and logging that information. Here are some the best practices that should be adopted on this layer:

• All users should be converted to use passwordless authentication or multi-factor authentication (MFA) over time.
• Disable insecure legacy protocols for internet-facing services. Legacy authentication methods are among the top attack vectors for cloud-hosted services.
• Don’t synchronize accounts with the highest privilege access to on premises resources as you synchronize your enterprise identity systems with cloud directories.
• Use a single identity provider for authenticating all platforms (Windows, Linux, and others) and cloud services.
• Enforce conditional access for users – This supports a zero-trust strategy.

Physical security

This layer focuses on ensuring that physical buildings are secure. In a cloud environment, there is a shared responsibility between the cloud providers and customers.

When you adopt the cloud into your infrastructure, then both your enterprise and your cloud provider are responsible for certain security practices. Your cloud provider will outline what you’re responsible for in regard to security in their SLA. The specifics of your company’s responsibilities will depend on the cloud provider, but whatever the case, your enterprise will need to address your responsibilities in your security strategy.

The cloud provider would be responsible for ensuring controlled access to IaaS, PaaS or SaaS environments. As for a customer’s physical datacenter, it is important to ensure the necessary access controls and monitoring is in place to ensure confidentiality.

If you are unsure where your organization stands on any of these layers, it’s essential to evaluate and close gaps in order to increase your business continuity and reset secure. Reach out to New Signature if you need guidance.

About the Author

Bode Olushi is an Azure Consultant at New Signature with expertise in delivering Azure solutions at the enterprise level. He focuses on using Microsoft-native technologies to help clients build, migrate and automate cloud infrastructure while maximizing business productivity and accelerating their time to market. Bode is passionate about technology with a creative and positive approach to innovation and automation. Outside of the work environment, he enjoys sightseeing, exploring new places, as well as playing ping pong and soccer.