Security/Fundamentals: Difference between revisions
< Security
Jump to navigation
Jump to search
Gdestuynder (talk | contribs) (Automated sync from https://github.com/mozilla/wikimo_opsec) |
Gdestuynder (talk | contribs) (Automated sync from https://github.com/mozilla/wikimo_opsec) |
||
| Line 1: | Line 1: | ||
<table> | |||
<tr> | |||
<td style="min-width: 25em;">__TOC__</td> | |||
<td style="vertical-align: top; padding-left: 1em;"> | |||
The goal of this document is to detail the rationales behind why various technologies and processes are encouraged or discouraged. | The goal of this document is to detail the rationales behind why various technologies and processes are encouraged or discouraged. | ||
Updates to this page should be submitted to the [https://github.com/mozilla/wikimo_opsec/ source repository on github]. | |||
Changes are detailed in the [https://github.com/mozilla/wikimo_opsec/commits/master commit history]. | |||
<span style="float: right; padding-top: 3em;">[[File:OpSec.png|300px]]</span> | |||
</td> | |||
</tr> | |||
</table> | |||
[[File:OpSec.png | |||
</td> | |||
</tr></table> | |||
= Rationales = | = Rationales = | ||
| Line 22: | Line 19: | ||
|- | |- | ||
|<div id="shared-passwords">[[#shared-passwords|§]] Shared passwords and accounts</div> | |<div id="shared-passwords">[[#shared-passwords|§]] Shared passwords and accounts</div> | ||
|Shared passwords are passwords or/and accounts that more than one person knows or has access to. They're discouraged because | |Shared passwords are passwords or/and accounts that more than one person knows or has access to. They're discouraged because: | ||
* Use of them makes auditing access difficult: | * Use of them makes auditing access difficult: | ||
** multiple users appear in audit logs as one user and different users actions are difficult to differentiate. | ** multiple users appear in audit logs as one user and different users actions are difficult to differentiate. | ||
| Line 31: | Line 28: | ||
|- | |- | ||
|<div id="decentralized-user-account-management">[[#decentralized-user-account-management|§]] Decentralized user account management</div> | |<div id="decentralized-user-account-management">[[#decentralized-user-account-management|§]] Decentralized user account management</div> | ||
|Decentralized user account management refers to user account management which is not driven by the source of truth for | |Decentralized user account management refers to user account management which is not driven by the source of truth for the user's account. Examples of this are: | ||
the user's account. Examples of this are: | |||
* Manual user account creation by administrators. | * Manual user account creation by administrators. | ||
* Automated user account creation from scripting or configuration management that creates accounts based on a static | * Automated user account creation from scripting or configuration management that creates accounts based on a static | ||
| Line 45: | Line 41: | ||
|- | |- | ||
|<div id="mfa">[[#mfa|§]] Multi-factor Authentication</div> | |<div id="mfa">[[#mfa|§]] Multi-factor Authentication</div> | ||
|Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from | |Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction. | ||
independent categories of credentials to verify the user's identity for a login or other transaction. | |||
Requiring the use of MFA for internet accessible endpoints is encouraged because by requiring not only something the | Requiring the use of MFA for internet accessible endpoints is encouraged because by requiring not only something the | ||
user knows (a knowledge factor like a memorized password) but also something that the user has (a possession factor like | user knows (a knowledge factor like a memorized password) but also something that the user has (a possession factor like | ||
| Line 60: | Line 55: | ||
|- | |- | ||
|<div id="nsm">[[#nsm|§]] Network Security Monitoring</div> | |<div id="nsm">[[#nsm|§]] Network Security Monitoring</div> | ||
|Network Security Monitoring (NSM) is the practice of monitoring raw network traffic in order to detect intrusions or | |Network Security Monitoring (NSM) is the practice of monitoring raw network traffic in order to detect intrusions or abnormal behavior. The use of NSM is encouraged because it can: | ||
abnormal behavior. The use of NSM is encouraged because it can: | |||
* identify when a host has been compromised by the network traffic it emits. | * identify when a host has been compromised by the network traffic it emits. | ||
* understand the commonalities in a distributed network attack. | * understand the commonalities in a distributed network attack. | ||
* provide incident responders with data needed to quickly diagnose security issues. | * provide incident responders with data needed to quickly diagnose security issues. | ||
|} | |} | ||
Revision as of 18:53, 27 October 2015
|
The goal of this document is to detail the rationales behind why various technologies and processes are encouraged or discouraged. Updates to this page should be submitted to the source repository on github. Changes are detailed in the commit history.
|
Rationales
| Topic | Rationale |
|---|---|
Shared passwords are passwords or/and accounts that more than one person knows or has access to. They're discouraged because:
single shared account across multiple systems at the same time.
| |
§ Decentralized user account management
|
Decentralized user account management refers to user account management which is not driven by the source of truth for the user's account. Examples of this are:
This practice is discouraged because:
|
§ Multi-factor Authentication
|
Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
Requiring the use of MFA for internet accessible endpoints is encouraged because by requiring not only something the user knows (a knowledge factor like a memorized password) but also something that the user has (a possession factor like a smartcard, yubikey or mobile phone) the field of threat actors that could compromise the account is reduced to actors with physical access to the user. In cases where the possession factor is digital (a secret stored in your mobile phone) instead of physical (a smartcard or yubikey), the effect of MFA is not to reduce the field of threat actors to only those that have physical access to the user, because a secret can be remotely copied off of a compromised mobile phone. Instead, in this case, the possession factor merely makes it more difficult for the threat actor since they now need to brute force/guess your password and compromise your mobile phone. This is, however, still possible to do entirely from a remote location. In particular, storing both first on second factor on the same device (for example: mobile phone) is strongly discouraged. |
§ Network Security Monitoring
|
Network Security Monitoring (NSM) is the practice of monitoring raw network traffic in order to detect intrusions or abnormal behavior. The use of NSM is encouraged because it can:
|