Why securing M2M networks should be top priority for governments
By Jonathan Lewis
Data breaches occur more often than we realize, and affect everyone from consumers to municipal governments.
Recently, the Washington State Administrative Office of the Courts public Web site fell victim to a hacker attack. The site hosted social security and driver license numbers that were probably accessed by the intruders. In this instance, it is difficult to determine when and where IT security went awry, yet this data breach is alarming and a call to action for local governments to re-evaluate their security procedures.
Government organizations can take preventive measures against such an attack. Identity and access management (IAM) solutions provide governance and visibility capabilities that enable local governments to provision and regulate access to their cloud infrastructure, applications, servers and both structured and unstructured data. Traditional IAM deployments generally are effective in managing the identities assigned to interactive human users, but the vast majority of network identities are assigned to machine-to-machine (M2M) processes.
Many of these M2M communications use the Secure Shell encryption protocol for authentication and authorization. Secure Shell is ideal for these functions because:
- Public key (PKI) based authentication supported by Secure Shell provides security for login credentials, without requiring an interactive authentication process. The private Secure Shell user key is never sent over the network.
- Secure Shell allows organizations to define and limit which functions a process may perform under a Secure Shell authorization.
- Secure Shell channels are encrypted, securing data-in-transit.
Despite these advantages, there are significant gaps in IAM governance of identities that use Secure Shell. First, the provisioning of these identities is typically decentralized, leading to a lack of oversight over the creation and authorization of identities. This absence of central management over identities often leaves local government organizations vulnerable to an attack.
Although Secure Shell is used worldwide to securely access remote servers, many IT administrators are surprised to discover that M2M communications make up the majority of Secure Shell traffic on their networks. Most Secure Shell trust relationships provide access to production servers and carry high-value payloads, including state secrets, intellectual property, social security and driver’s license numbers and other critical information.
Shockingly, access to M2M encrypted channels via Secure Shell often lacks proper identity and IAM controls, resulting in liabilities and compliance issues. Any interactive user who has the appropriate credentials -- in this case a copy of the key file -- can take over these uncontrolled M2M networks. This often means that the most sensitive information is the least protected.
Many local or municipal governments have more than 100,000 keys in their network environments. Even though these keys provide access to critical systems and servers, many local government facilities do not have a process for managing the authorization and access power of these keys. Due to this oversight, a majority of the keys are never changed and, even more shockingly, system administrators are not always aware of all of the keys within their network.
The lack of security controls -- coupled with the sensitive data being protected -- has made Secure Shell a target for hackers. Since keys are often deployed in one-to-many relationships, it is likely that a single breach stemming from a compromised key could be used as a threat vector, infecting the entire network environment.
Ironically, the very function that keeps malicious parties from accessing critical data also prevents systems administrators from determining if this information is being accessed improperly. This means that unless the institution has deployed an encrypted channel monitoring process, security operations and forensics teams cannot see what is happening in the network. Encrypted channel monitoring enables security intelligence solutions to inspect, store and stop traffic to make sure hackers cannot use Secure Shell encryption to access servers undetected.
Resurgence of authentication methods
Faced with these new threats, municipal governments are reinforcing interactive user authentication methods, including password strength, periodic changes and two-factor authentication, in an effort to thwart hackers and prevent non-compliance. These approaches are considered best practices and are encompassed in compliance requirements, such as PCI, FISMA, SOX and others.
Additionally, compliance organizations are updating their regulations to specifically include alternative methods of authentication that go beyond user names and passwords, and auditors will be required to flag cases where access is not controlled via Secure Shell. Compliance mandates will continue to become more stringent, arriving at a time when governments are realizing that strong standards are necessary to secure their most critical data.
It is in governments’ best interests to design and deploy IAM strategies that include processes intended specifically for M2M communications. A comprehensive, best practices-based Secure Shell key management policy enables strong authentication practices and should include:
- Automated key creation, rotation and removal;
- Discovery and monitoring of trust relationships;
- Enforcement of appropriate key type, size and version of Secure Shell;
- Limiting root access to servers, so that only the key manager can establish and retract keys;
- Monitoring the authorizations of each key;
- Supervising traffic in encrypted channels.
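As an added illustration (not code from the article or from any vendor), the discovery, key-type and per-key authorization checks in this list can be sketched as a small audit over authorized_keys entries. The 2048-bit RSA threshold, the issue labels, the account names and the sample keys are all assumptions constructed for the example.

```python
import base64, hashlib, re
from collections import defaultdict

MIN_RSA_BITS = 2048  # assumed policy threshold, not taken from the article
NAME, VAL = r'[A-Za-z-]+', r'(?:="(?:\\.|[^"\\])*")?'  # option name, quoted value
LINE = re.compile(rf'^(?:(?P<opts>{NAME}{VAL}(?:,{NAME}{VAL})*)\s+)?'
                  r'(?P<type>(?:ssh|ecdsa)-[a-z0-9-]+)\s+(?P<blob>[A-Za-z0-9+/=]+)')

def _string(buf, off):
    """Read one length-prefixed field of an SSH public key blob."""
    n = int.from_bytes(buf[off:off + 4], "big")
    return buf[off + 4:off + 4 + n], off + 4 + n

def rsa_bits(raw):
    """Modulus size of an ssh-rsa blob, laid out as (type, e, n)."""
    _, off = _string(raw, 0)
    _, off = _string(raw, off)
    return int.from_bytes(_string(raw, off)[0], "big").bit_length()

def audit(accounts):
    """accounts: {account: authorized_keys text} -> [(account, fingerprint, issue)]."""
    findings, seen = [], defaultdict(set)
    for acct, text in accounts.items():
        for line in text.splitlines():
            m = LINE.match(line.strip())
            if not m:
                continue  # blank line, comment, or entry this sketch cannot parse
            raw = base64.b64decode(m["blob"])
            digest = hashlib.sha256(raw).digest()
            fp = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
            seen[fp].add(acct)
            opts = set(re.findall(f"({NAME}){VAL}", m["opts"] or ""))
            if m["type"] == "ssh-dss":
                findings.append((acct, fp, "dsa-key"))
            if m["type"] == "ssh-rsa" and rsa_bits(raw) < MIN_RSA_BITS:
                findings.append((acct, fp, "short-rsa"))
            if "command" not in opts:  # key is not limited to one function
                findings.append((acct, fp, "no-forced-command"))
    for fp, accts in seen.items():
        if len(accts) > 1:  # one key trusted by several accounts
            findings += [(a, fp, "shared-key") for a in sorted(accts)]
    return findings

def _blob(*fields):  # builds constructed sample keys, not real key material
    return base64.b64encode(b"".join(len(f).to_bytes(4, "big") + f for f in fields)).decode()

RSA1024 = _blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xc3" * 128)
ED = _blob(b"ssh-ed25519", b"\x11" * 32)
SAMPLE = {  # constructed input
    "backup": f'command="/usr/local/bin/backup.sh",no-pty ssh-ed25519 {ED} backup@example',
    "deploy": f"ssh-rsa {RSA1024} legacy@example\nssh-ed25519 {ED} backup@example",
}
```

Calling `audit(SAMPLE)` reports the 1024-bit RSA key, the entries with no forced command, and the key that both accounts trust.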
As network environments are continuously evolving, it is imperative that municipal government organizations keep on top of new technologies and anticipate evolving security threats. Implementing an IAM strategy that includes strong Secure Shell access controls in M2M communications is an essential preventative tactic to lessen the risks of an attack.
Although data encryption provides clear network security benefits, left unmanaged it can become a significant vulnerability. Secure Shell access control and governance issues must be addressed. The absence of such controls creates liabilities and can cause city and state governments to veer off track with regard to compliance mandates. By analyzing the Secure Shell environment, IT teams can uncover and address the M2M access control issues that could be leaving the keys to the city unprotected.
Jonathan Lewis is the director of product marketing for SSH Communications Security.