If you were lucky enough to watch Mr. Robot (no judgement here, please!), you learned some valuable lessons on implementing robust security measures and seeing how they can be compromised. In this blog, we will explore how the show's character, Tyrell Wellick, exemplifies secure asset and software management through version-controlled-infrastructure-as-code and accessing administrative interfaces via Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS).
SSH provides a secure and encrypted means of accessing remote systems. It uses cryptographic keys to establish a secure connection between a client and a server, thereby preventing unauthorized access and eavesdropping.
When browsing the web, secure communication is ensured through HTTPS, which encrypts data exchanged between the user's browser and the web server. HTTPS prevents attackers from intercepting sensitive information, such as login credentials and personal data.
In Tyrell's case, using SSH to access E Corp's administrative interfaces ensures that his interactions remain confidential and protected from potential man-in-the-middle attacks. SSH keys also offer an additional layer of security compared to traditional passwords, making it harder for malicious actors to compromise the system.
Enterprise assets encompass a diverse spectrum of hardware and software elements, such as servers, workstations, laptops, mobile devices, and network devices. Effectively managing this vast ecosystem demands a meticulously designed strategy that prioritizes security while maintaining efficiency and productivity. CIS Safeguard 4.6 centers on the secure management of these assets and software, safeguarding vital business operations and sensitive data from the continuously evolving threats in the digital realm.
Implementing Best Practices:
A central pillar of this safeguard is managing configurations through version-controlled-infrastructure-as-code. This approach promotes consistency in infrastructure and reduces the risk of vulnerabilities stemming from misconfigurations. Version control enables teams to track changes, roll back to secure states, and collaborate effectively in managing enterprise assets.
Furthermore, secure network protocols such as SSH and HTTPS should be used for accessing administrative interfaces. These protocols encrypt data during transmission, mitigating unauthorized access and potential eavesdropping.
Conversely, insecure management protocols like Telnet and HTTP should be avoided except when operationally essential, as they may expose sensitive information to potential threats.
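One way to enforce these practices together is a check that runs whenever the version-controlled asset inventory changes. The script below is an added example, not part of the CIS material; the inventory format, asset names, and `example.internal` hostnames are constructed for illustration.

```python
import sys
from urllib.parse import urlsplit

SECURE = {"ssh", "https"}      # protocols the safeguard names as acceptable
INSECURE = {"telnet", "http"}  # protocols it says to avoid

# Constructed sample inventory (assumed format): asset, admin URL, optional
# justification recording why an insecure protocol is operationally essential.
INVENTORY = """\
# asset      admin_interface                        exception
web-01       ssh://web-01.example.internal:22
fw-edge      https://fw-edge.example.internal:8443
sw-legacy    telnet://sw-legacy.example.internal:23
ups-floor2   http://ups-floor2.example.internal     vendor firmware has no TLS; isolated mgmt VLAN
printer-hr   http://printer-hr.example.internal
"""

def audit(text):
    """Classify each inventory entry; return (violations, exceptions, unknown)."""
    violations, exceptions, unknown = [], [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:
            unknown.append((parts[0], "", "no admin interface recorded"))
            continue
        asset, url = parts[0], parts[1]
        note = parts[2] if len(parts) > 2 else ""
        scheme = urlsplit(url).scheme.lower()
        if scheme in SECURE:
            continue
        if scheme in INSECURE:
            # Insecure is tolerated only with a written justification.
            (exceptions if note else violations).append((asset, url, note))
        else:
            unknown.append((asset, url, "unrecognised protocol"))
    return violations, exceptions, unknown

def main(text=INVENTORY):
    violations, exceptions, unknown = audit(text)
    for asset, url, note in exceptions:
        print(f"EXCEPTION {asset}: {url} ({note})")
    for asset, url, note in violations + unknown:
        print(f"FAIL      {asset}: {url} {note}".rstrip())
    return 1 if violations or unknown else 0  # non-zero fails the pipeline

if __name__ == "__main__":
    sys.exit(main())
```

Because the inventory lives in version control, every exception and its justification is reviewed and recorded like any other change.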
Here’s a link to a Secure Configuration Management Policy Template provided free of charge from the fine folks at the Center for Internet Security: https://www.cisecurity.org/insights/white-papers/secure-configuration-management-for-cis-control-4
Here are some details on this specific Control/Safeguard. If you want more detail, DM me.
CIS Control 4 – Secure Configuration of Enterprise Assets & Software
Establish and maintain the secure configuration of enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/IoT devices; and servers) and software (operating systems and applications).
Implementation Group 1
CIS Safeguard 4.6 – Securely Manage Enterprise Assets and Software
Securely manage enterprise assets and software. Example implementations include managing configuration through version-controlled-infrastructure-as-code and accessing administrative interfaces over secure network protocols, such as Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). Do not use insecure management protocols, such as Telnet (Teletype Network) and HTTP, unless operationally essential.