Skip to content

Archive for

Securing Machine Identities Needs To Be A Top Cybersecurity Goal In 2021

Bottom Line:  Bad actors quickly capitalize on the wide gaps in machine identity security, creating one of the most breachable threat surfaces today.

Why Machines Are the Most Challenging Threat Surface To Protect

Forrester’s recent webinar on the topic, How To Secure And Govern Non-Human Identities, estimates that machine identities (including bots, robots and IoT) are growing twice as fast as human identities on organizational networks. Forrester defines machine, or non-human, identities as robotic process automation (bots), robots (industrial, enterprise, medical, military) and IoT devices.

The webinar points out that one of the fastest-growing automation types is software bots, with 36% used in finance and accounting, 15% used in business line and 15% in IT. The webinar also points out that in 2019, there were 2.25 million robots in the global workforce, twice as many as in 2010 and 32% of global infrastructure decision-makers expect their firms to use robotic process automation (RPA) over the next 12 months.

According to the Forrester Consulting white paper, Securing The Enterprise With Machine Identity Protection, over 50% of organizations find it challenging to protect their machine identities today. Unprotected machine identities are making it easy for bad actors to take control of entire networks of devices. Bad actors rely on organizations’ bots to provide the cover they need to attack networks and devices, often undetected for months or years.

Forrester found that machine identities are left exposed to bad actors because organizations aren’t adopting the tools they need to create and manage a centralized Identity Access Management (IAM) strategy across all machines. This includes defining and enforcing policies, auditing each machine and endpoint and better integrating support across machines and monitoring systems.

Furthermore, by adopting a more modern Privileged Identity Management (PIM) approach, organizations could solve many of these challenges. Leading PIM solutions providers include Centrify, which has succeeded in adapting to the ephemeral nature of securing machine identities by delivering machine identity and credential authentication based on a centralized trust model.

The Forrester report’s bottom line is that machines are isolated, exposed and more vulnerable than any other endpoint on a network. The following graphic compares protection strategies and finds a majority of organizations struggling to deliver them:

Securing Machine Identities Needs To Be a Top Cybersecurity Goal In 2021

Machine Identities Are Networks’ Weakest Security Link 

According to a Venafi study, machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019. Malware capable of compromising machine identities continues to gain momentum, doubling between 2018 and 2019 and growing 300% over the five years leading up to 2019. According to Kount’s 2020 Bot Landscape and Impact Report, 81% of enterprises are regularly dealing with malicious bots today and one in four say a single bot attack has cost them $500,000 or more. Furthermore, many organizations may not realize how many bots and machine identities they have – and bad actors capable of creating hundreds using automated scripting tools.

Forrester provided the following data points underscoring how vulnerable machines are to botnet and identity-based attacks today:

  • The 2017 Mirai botnet attack is a cautionary tale of the dangers of using default security credentials on machines and IoT devices. Using botnets to automate scans of vast blocks of IP addresses for potential telnet ports to log into, the Mirai botnets were programmed to rapidly try a series of basic usernames and passwords to gain access to IoT devices and machines. The Mirai botnets were successful, gaining control of thousands of machines and orchestrating them to deliver one of the largest DDOS attacks in history.
  • It’s common for enterprises to lose track of how many bots they’ve created, giving malicious actors the perfect cover to mask their movements. Instead of creating their bots, malicious actors look to disguise their movements across a network with a company’s bots. Forrester’s webinar mentioned how a large North American insurance provider deployed 400 software bots for customer-facing digital chatbots and processing claims, among other tasks.
  • There’s often no oversight of who has the rights to create and launch bots internally, leading to potentially thousands of bots without secured identities. One of the most troubling findings presented during the webinar is how loose the process is to create a bot – with no checks and balances in place or means of achieving consistent identity management.

How To Strengthen Machine Security

The more challenging any machine threat surface is to protect, the more opportunity it provides bad actors to breach them. A good place to start is by clarifying who owns keeping Transport Layer Security (TLS) and previous-generation Secured-Sockets Layer (SSL) client and server certificates, code signing certificates, Secure Shell (SSH) host and cryptographic keys so they are kept up to date. Letting those fall through the cracks will leave thousands of machines exposed and exploitable on networks.

Prioritizing machine identities and securing machine credentials is a must-have in 2021, as botnet attacks are quickly increasing due to bad actors’ being able to spin up thousands of them in days. The following are key steps to get started:

  • Taking a Zero Trust approach to managing every machine identity authentication on a network now could save thousands of hours and dollars in the future. Taking a least privilege access approach to managing machines now will pay off in the future, as the workloads of machines and non-human entities continue to grow more complex. The Forrester webinar expands on this point by explaining how new, more complex inter-machine relationships are evolving quicker than legacy approaches to endpoint governance and security can keep up.
  • Privileged access controls need to be more adaptive, secure and scalable than many organizations’ static-based approaches to securing machines are today. Forrester recommends replacing long-standing hardcoded credentials with session-based ones assigned via API calls from a vault. Machines are being used 24/7 and have access patterns completely different from humans using the network, making dynamically-assigned, ephemeral credentials even more important to protect a network. Privileged Identity Management (PIM) proves effective at providing privileged access controls for machine identities, with Forrester mentioning Centrify, HashiCorp and others as leaders in this area. Centrify’s approach is noteworthy in enrolling machines with its platform via a client to establish a trust relationship, so applications running on that machine can also be authenticated using a short-lived, scoped token.
  • Monitoring more machines on a network often leads to a transition from legacy to integrated log monitoring systems that can capture, analyze and report anomalous activity across a network. Log Monitoring systems are proving invaluable in identifying machine endpoint configuration and performance anomalies in real-time. AIOps is proving effective in identifying anomalies and performance event correlations in real-time, contributing to greater business continuity. One of the leaders in this area is LogicMonitor, whose AIOps-enabled infrastructure monitoring and observability platform have proven successful in troubleshooting infrastructure problems and ensuring business continuity.
  • Perform periodic audits to track all bots and machines in use across an organization, using Microsoft Active Directory to inventory and manage all of them. One of the most valuable take-aways from the Forrester webinar is the need to manage machine identities and their credentials centrally. Forrester mentions Microsoft Active Directory as one option. The companies providing services in this area include Centrify, which pioneered Active Directory bridging to authenticate human and machine identities based on a centralized model from a single identity repository.

Conclusion

Machines, or as Forrester calls them in their webinar, non-human identities require more precise, adaptive and ephemeral identity structures and access controls. CISOs and CIOs need to take greater ownership of machine identity authentication and provide Identity Access Management (IAM) and Privileged Access Management (PAM) down to the bot and non-human identity level. With the exponential growth of malicious bots tracking machine identities, now is the time to place machine identities among the highest priority of any cybersecurity strategy in 2021.

10 Charts That Will Change Your Perspective Of Microsoft Azure’s Growth

  • Microsoft Azure revenue grew 50% year-over-year in fiscal Q2, 2021, contributing to a 26% increase in Server products and cloud services revenue.
  • According to the latest earnings call, more than 1,000 Microsoft customers now use Azure Arc to simplify hybrid management and run Azure services across on-premises, multi-cloud and at the edge.
  • Commercial cloud gross margins increased to 71% in the latest quarter, up from 67% a year earlier.
  • There are now over 60 Azure regions globally, strengthening Microsoft’s competitive global position versus Amazon Web Services.
  • Microsoft reported $43.08 billion in the second fiscal quarter ended Dec. 31, up from $36.91 billion a year earlier,

These and many other insights are from Microsoft’s Fiscal Year 2021 Second Quarter Earnings Conference Call and related research. Microsoft’s early decision to double down on expanding their cloud platform by accelerating new product and services development and Azure region expansion is paying off. Azure’s revenue growth shows Microsoft is an innovation machine when it comes to the cloud.  

In their latest fiscal quarter, Microsoft announced hundreds of new services and updates to Microsoft Azure alone. The most noteworthy are improvements to Microsoft Cloud for Healthcare, Azure Defender for SQL, Password spray detection in Azure AD Identity Protection, Azure Stack HCI, Azure Stack Edge, Azure Data Factory now being available in five new regions and many more. All Azure updates are available in an online index that provides options for finding those now available, in preview, or in development.  

The following ten charts will change your perspective of Microsoft Azure’s growth:

  • Intelligent Cloud delivered the highest operating income of all segments in the 2nd quarter at $6.4 billion or 36% of total consolidated operating income. This quarter, Microsoft’s success with indirect channel sales combined with more enterprise customers accelerating their cloud-first initiatives contributed to Intelligent Cloud leading all segments in operating income. The following is from the Q2, FY21 Earnings Call.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • Synergy Research Group’s latest cloud market analysis finds that Amazon and Microsoft are over 50% of the global cloud provider market, with Microsoft reaching 20% worldwide market share for the first time. Q4, 2020 enterprise spending on cloud infrastructure services was just over $37 billion, $4 billion higher than the previous quarter and up 35% from the fourth quarter of 2019. Synergy Research notes that it has taken just nine quarters for the market to double in size.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • 63% of enterprises are currently running apps on Microsoft Azure, second only to AWS.  Azure is narrowing the gap with AWS in both the percentage of enterprises using it and the number of virtual machines (VMs) enterprises are running on it. 6% of enterprises are spending at least $1.2 million annually on Microsoft Azure. Source: Statista and Flexera 2020 State of the Cloud Report, page 50.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • 2020 total cloud infrastructure services spending grew 33% to $142 billion from $107 billion in 2019, according to Canalys, with Microsoft’s indirect channel business fueling their 20% market share growth. Microsoft’s dominance of indirect selling channels is evident in the level of sales enablement, sales and technical support they provide resellers. Canalys’ Chief Analyst Alastair Edwards says that “organizations are turning to trusted business partners to advise, implement, support and manage their cloud journeys and articulate the real business value of cloud migration.”
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • 19% of enterprises expect to invest significantly more on Microsoft Azure in 2021, leading all other cloud vendors this year. Microsoft Azure leads all vendors when compared to the percentage change in spending this year. It’s noteworthy that 61% of all enterprises interviewed expect to increase their investments in Microsoft Azure this year, second only to Microsoft SaaS software. Source: 2021 Flexera State of Tech Report, January 2021.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • Microsoft Azure Stack is the second most-used private cloud platform by enterprises, with 35% of them currently running apps today. Azure Stack also leads all others in experimentation, with one in five enterprises, or 21%, currently in that phase of deployment. 67% of all enterprises interviewed in the 2020 Flexera State of the Cloud Report are either running Azure apps or are considering it.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • Microsoft’s centerpiece for their intelligence investment is the Microsoft Intelligent Security Graph, which processes over 630 billion authentications across our cloud services each month. Microsoft relies on the Security Graph to gain insights into normal behavior, including sign-ins and authentications and abnormal behavior, including attempted bypasses to two-factor authentication. Microsoft blocks more than 5 billion distinct malware threats per month, providing a great deal of useful data to analyze endpoints across customers’ networks. Source: Microsoft CISO Workshop 1 – Cybersecurity Briefing.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • 44.5% of enterprises say Microsoft Azure is their preferred provider for Cloud Business Intelligence (BI). Azure is considered 27% more critical to an enterprises’ Cloud BI requirements and preferences than Amazon Web Services. It’s noteworthy that 96.5% of all enterprises have a preference for Microsoft Azure BI versus its main competitors, including Google Cloud, IBM BlueMix, or Alibaba.   
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  • Microsoft Azure is the leading IoT platform worldwide by end-to-end capabilities with a total score of 276 according to Counterpoint Research. According to the methodology Counterpoint used for ranking IoT platforms, Microsoft Azure is considered a global leader in edge data processing, an increasingly important feature of IoT platforms worldwide. The ability to deliver IoT capabilities from the cloud to the edge helped Microsoft’s platform rank high in this category. Source; Statista and CounterPointResearch.com.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth
  •  Microsoft Azure is the foundation for a Digital Supply Chain Platform that integrates supply chain partner, corporate, data & advanced analytics platforms and supply chain core transaction systems.  The ongoing pandemic is putting continued pressure on supply chains. Most manufacturing executives say that employee safety, data security, remote worker access, supply chain visibility and insights visibility are high priorities. In response to these market needs, Microsoft Supply Chain (MSC) was created on the Azure platform. The diagram below explains how Azure is integral to the Digital Supply Chain platform.
10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth

%d bloggers like this: