The first step of this discussion is defining a fancy term to help educate and describe this new phenomenon: Neuroprivilogy. As the name suggests Neuroprivilogy is constructed from the words neural (network) and privileged (access), and can be defined as the science of privileged access points’ networks. Using the neural network metaphor, an organization’s infrastructure is not flat, but instead, a network of systems (neuron=system). The connections between systems are access points similar to synapses (for neurons). Some of these access points are extremely powerful (i.e. privileged) while others are not. Regardless, access points should be accessed only by authorized sources.
In nearly every IT department, discussions about virtualization and debates about moving to the cloud usually end up in the same uncomfortable place, bookended by concerns about lack of security and loss of control. To help create a realistic risk/reward profile, we must first examine how the definition of privilege, in context of the identity and access management landscape, is evolving. We are no longer just talking about controlling database administrators with virtually limitless access to sensitive data and systems; we are talking about processes and operations that can be considered privileged based on the data accessed, the database being entered, or the actions being taken as a result of the data.
The concept of “privilege” is defined by the risk of the data being accessed or the system being manipulated. Virtualized and cloud technologies compound that risk, making traditional perimeter defenses no longer sufficient to protect far-reaching cloud-enabled privileged operations. Whether data is hosted, based in a cloud or virtualized, “privileged accounts and access points” are everywhere.
To gain a better understanding of the vulnerabilities impacting a privileged access points’ network, consider these Seven Neuroprivilogy Vulnerability Fallacies: Continue reading…