RSS feed for blog Linkin Skype Mail Me Twitter


Learning A Lesson About Security from other People

My self and the rest of LDC went to the MongoDb Coming To You day in London and amongst the many interesting sessions, there was one about MongoDb security, I’m not going to even post a link to the slides as the interesting part was not on them, it was an story about a company going under due to losing control of their AWS (Amazon Web service) access keys, their site was hacked, their servers terminated, their databases deleted and all their backups purged. Everything…. Dead

This gave me quite a shudder, I’m more than a little bit paranoid at the best of times, but it did remind me of off the old phrase to never “put all your eggs in one basket” and that applies as much to cloud platforms as to anything else, however its a tricky trap to escape from as the cloud service providers sell them selves as everything you could ever want and there is no need to have any other vendor, they make it sooo easy to just bolt on services using the same credentials, yes they do provide granularity and yes they provide 2 factor authentication, but they are always a single point of failure and there is no physical security measure if you suffer a major breach (you can’t pound down to the server room and yank the cables out the back of your router or servers) if the bad guys get your security keys then they ARE you.

So what to do?, cloud services are cheap and hideously powerful for their money, not using them robs you and your company of a major advantage in the Internet economy?

Well let’s relate this all back to personal experience and in particular LDCVia, after the conference we sat down and worked out some worst case scenario ( loss of the root account API keys, breach in a primary admins 2 factor authentication or a member of the LDC founders being possessed by a Brain Slug) and figured out how we would deal with them, not what we would do to prevent them, as we had already do everything we can to that end:

  1. 2 factor authentication on every account capable of doing anything at an infrastructure or admin level
  2. Not using primary accounts or their API keys for day to day activities.
  3. Multiple single function accounts and granulated security.
  4. Operating level accounts should not have access to database content
  5. Proper firewalls.
  6. etc. etc. etc.

But how much damage we would be looking at and what the hell we could do to mitigate and recover from it.

For how much damage?, cater to losing all of it, the whole lot lost or compromised :( how are we going to deal with that >:( .

  1. Backups should not be on the same security domain as the servers and databases. hell they should not even be on the same cloud service (you create backup accounts with read only access to only databases, with no OS access) and the servers should have no idea the external backup provider exists, don’t forget to limit the source IP address for these accounts or else you are just giving people a nasty back door to your data.
  2. App servers and database servers should should be segregated in the same way if possible, now this will often depend on network connection speed as db access though a firewall is really going to slow down your apps, but often cloud providers provide good links between different accounts on their network.
  3. Inquire with your cloud provider about a separate authentication method in the case of a breach, a phone number to call and a list of real people and credentials such as you use for phone banking that can shut down all access so you can pick up the pieces,
  4. Talk and I do mean actually TALK with your provider to find out what provisions they have for this scenario type. and while you are there find out their notification schedule are you being told about their network changes? also what back door accounts to they insist on adding to your systems, how are they protected? … in short be knowledgeable about your cloud platform.
  5. Can you take full images of your machines and store them else where (not just backups), they are a lot faster to recover from
  6. Work out your full DR restore strategy, how fast can you get all the servers and database built and back on line, what gets built in what order, what do you tell your clients during that time, what’s the public message you display? get it all written down distributed to the right people and for heavens sake down store it in one place.

I think I need a brown paper bag and a quiet place to calm down (shudder)

Leave Your Comments

blog comments powered by Disqus

Related Entries

Missing A Conference

Salesforce: Same Code Different Triggers

Remote Desktop while away

MWLug 2016 Round-Up

To Find The Perfect Office

A Little Thing Done Right

SalesForce for Domino Dogs 3: Web Query Save Agents

Presenting at MWLUG

SalesForce for Domino Dogs 2: Scheduled Agents

SalesForce for Domino Dogs 1: Profile Documents

Editable salesforce templates

New Platform Type New Client Type

Engage 2016

LDCVia Webinar

Current Android Software 2015

Salesforce read mode hide-when hack

Classic Domino and multi country dates with Bootstrap

C3 charts on Saleforce Winter16

Updating Statamic on AWS

Icon UK 2015

Quiet Isnt it

Engage 2015

Conditional Checking in AngularJs using Restangular

IBM ConnectED2015 All work and no play

2014 A Year In Review

IBM Connections Dev Update to V5

W.T.F. they made me an IBM Champion and a C-API tip

Bloody Android Kit-Kat and SD Cards

LDC Via Cross Post: Why oh why oh why (Part One)

Applet security: a blast from the past

UK ICON 2014

jQuery UK 2014 Day 2

jQuery UK 2014 Day 1

London Node.js User Group April 2014

Listen while you work

SQuirrel SQL For IBM Connections

Living Document: Connections Db Schema Versions

Connections Db Schema Tip2: Finding the UserID

Working from anywhere

Connections Db Tip1: getting the Connections db Schema version

CSC Event No.1

Engage 2014

IBM Connections Dev Links

Collaboration Stack Community Agenda and Stuff

Connections aide memoire 02: Backing Up Websphere Config

Inserting HTML into word documents

Connections aide memoire 01: Changing XML config

IBM Connect 2014 Slide Decks

IBM Connect 2014 Round up

Finding Me at IBM Connect 2014

Collaboration Stack Event

Commuting tip for Developers

My IBM Connect 2014 Sessions

IBM Connect 2014 session

Best USB Cable

The Perfect Consultant

First Tuesday Club November 2013

Latest Blogs