Cloud, Security and Technology

Last year about this time I had published updates to the Azure Secure Workstation that was originally released two years ago. And This month the solution has been considerably rewritten and revised to provide a better more complete management for privileged access!  Collaborating with two great security experts James Noyce, and Mark Simos The content got a massive overhaul, and a broad perspective on what it takes to build and manage a comprehensive privileged access solution, including account management, device management, intermediaries such as VPN's and interfaces such as Web and Cloud services. Additionally, the solution was uniformly designed with three distinct security levels that anyone reading the article can deploy from a more flexible Enterprise security, to a comprehensive isolated PAW or privileged Access Management. Over the past two years I've been working to explain and illustrate how you can use a cloud-based solution to build an effective Zero tr

In the past several blogs I introduced the work I've been doing associated with the Azure Secured Workstation. I note that this solution IS an ideal 0-trust protection model that any organization looking to protecting key roles and service administrators from compromise is a must. And as this Zdnet's article identifies attacking a weak link is still the most prevalent means to get into your network. In the article the Robin Hood ransomware was deployed using a targeted attack, and the installation a malicious driver. In this case the vulnerability in the Gigibyte driver makes the job of the hacker much simpler, but it's clear that if the targeted user (most likely an administrator) was using an isolated identity to manage their network, malware described in the article would fail to extend its foot hold in an organizations network. What should you do. First and foremost - create a new identity domain/forest. This can be pretty simple thanks to cloud compu