![]() If the system he is visiting is exploited, the admin’s originating session could get exploited or his admin credentials stolen. ![]() The vast majority of computer security risk in most environments comes from administrators using the same computers for performing the highest risk activities (e.g., using email, internet browsing, office productivity apps, etc.), and possibly being compromised, and then performing administrative tasks with administrative credentials on high-risk computer systems and networks.Įven an admin remotely visiting another user’s regular computer system that performs high risk activities is a risk. The central tenet behind both jump boxes and SAWs is that they are highly-secured computers never used for non-administrative tasks. The central tenet for highly-secured computers ![]() You should be using one or both, and if you’re not, you need to get busy. Both can be used to make your environment significantly more secure. ![]() Although related, they are used at different points (the SAW is always the first computer). Over the last few years, with malicious hackers and malware infesting nearly every enterprise network at will, security admins have been looking for a way to decrease the ability of hackers or their malware creations to steal admin credentials and take over an environment and the concept of a traditional “jump box” has morphed into an even more comprehensive and locked-down “secure admin workstation” (or SAW).Ī SAW is a computer the admin must originate from before performing any administrative task or connecting to any other administered server or network. A jump box is a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers or untrusted environments. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |