Microsoft’s recent Project Honolulu announcement introduces a new method of managing Windows Server systems from a centralized HTML5 web application, moving away from the legacy MMC snap-ins. For ad-hoc configuration and troubleshooting tasks that depend more on exploration and investigation than on scripting and automation, this is much easier than using a command-line tool.
Giving access to web-based administration is a great way of supporting the need for mobility in the workforce; however, each one of these systems can increase an organisation’s attack surface. Data breaches frequently result from poor authentication practices, weak passwords, and even insecure remote access, which remains the #1 method of compromise according to Trustwave’s 2017 Global Security Report. By implementing this new web-based management method, organisations could inadvertently create a significant security risk. In a worst-case scenario, a threat actor who compromised this system could destroy or reconfigure the whole infrastructure with a few simple clicks.
But there is good news. Implementing the following simple controls allows organisations to provide remote access to these new Windows Server management tools and remain secure.
- Multifactor authentication is an important security control for critical systems and should be implemented wherever possible. If a management console is not compatible with multifactor authentication, consider putting it behind a secure access tool that requests a second factor before providing access to the solution.
- Network segmentation is a great security control, but when providing remote access it can become very complex. The goal is to make the management console "go dark", which may sound complicated, but the key is to implement a system that lets users do their jobs faster and more easily than they do today. Look for a solution that can provide access from anywhere, in a hardened sandboxed browser, without ever exposing or publishing the management console directly to the internet.
- Organisations often struggle with privileged user management. Frequently, access rights aren’t removed or updated if a job function changes or a user leaves the organisation. Creating shared accounts to onboard contractors and third-party vendors adds the clear risk of shared credentials and shared access to these types of systems, with 81% of hacking-related breaches using stolen and/or weak passwords according to the Verizon 2017 Data Breaches Incident Report (DBIR). It’s important to deploy a solution that allows for granular control and management of privileged users: giving them the right access, to the right systems, at the right time.
- Password management is just as important as privileged user management. Look for an enterprise password vault where credentials can be stored, rotated, and randomized so users never see them. Eliminating the visibility of credentials reduces the threat of them being phished or used through another pathway.
The drive by Microsoft and other vendors to launch new tools that let IT teams do their jobs with more efficiency and speed brings additional risks. By ensuring the right controls and security are implemented around all remote access pathways into their infrastructure, organisations can take full advantage of the benefits that these new tools can provide.
Karl Lankford, Director, Solutions Engineering
Karl Lankford is the Director, Solutions Engineering, for BeyondTrust and has worked at BeyondTrust for 4 years. He has acquired a wide range of security experience and knowledge working with companies across multiple industries during the last 10 years and is a regular speaker at industry conferences.