While operating within an ever-evolving and complex cybersecurity landscape, federal agencies face difficult decisions about what to prioritize for protection and recovery in the face of advanced security threats.
There are a few things that can be done to dramatically strengthen an agency’s security posture. It all begins with prioritizing Tier 0 assets and deploying a tiered administration model.
What is Tier 0?
Tier 0 assets are the most critical IT assets in an organization, such as domain controllers in an on-premises Active Directory environment. They are the most privileged assets and accounts in the environment, which makes them a primary target for threat actors and, as a result, the assets most exposed to attack. The compromise of a Tier 0 account can, and often will, result in the complete compromise of a government agency’s IT infrastructure, causing significant damage to its operations and reputation.
To mitigate this risk, Tier 0 assets and accounts should be strictly managed: access to them should be limited to a small group of authorized personnel, and the management of Tier 0 systems should be segregated from all other systems through the use of dedicated accounts. In some very specific cases, agencies may choose to deploy a separate Active Directory forest to further isolate the accounts used to administer Tier 0 assets.
It goes without saying that strict access controls, monitoring and other security controls should be in place. Among other things, this may include the use of privileged access management (PAM) solutions.
How does tiered administration work?
Tiered administration is the practice of organizing IT support personnel, and the administration of servers and platforms, into different levels or tiers, each with a specific set of responsibilities and skills. The most common model is a multi-tiered approach in which each tier represents a specific set of systems, and the management of each tier is strictly segregated from the others. In an on-premises Active Directory environment, this means that separate accounts are used to manage the systems in each tier. To be effective, privileged accounts in one tier must not be able to administer systems in another tier.
- Tier 0 is the most important tier to nail down and includes the most mission-critical IT assets.
- Tier 1 assets are often systems critical to the functioning of a government agency’s IT infrastructure, but less critical than Tier 0 assets. The breach of a Tier 1 asset also does not immediately constitute a breach of other systems, provided that those systems are sufficiently secured. Examples include email servers, file servers, administration servers, and so on.
- Tier 2 systems are typically all systems not included in the previous tiers. Often, Tier 2 systems are end-user computing devices such as desktops and laptops.
There is no rule that determines how many levels a tiered administration model should contain. However, it is recommended to keep the model simple so that it does not become a management nightmare.
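As an added example (not code from the original article or from Quest Software), the PowerShell below builds a minimal three-tier OU and admin-group structure with the ActiveDirectory module and then audits whether any account holds admin group membership in more than one tier, which is exactly the situation the model is meant to rule out. The OU names, the `<Tier>-Admins` group names and the `Get-TierViolation` function are assumptions chosen for illustration; built-in groups such as Domain Admins are counted as Tier 0. Enforcement of the separation (deny-logon rights per tier through Group Policy) is configured separately and is not shown here.

```powershell
# Added example, not from the original article. Assumes the ActiveDirectory module
# is available and the running account may create OUs and groups in the domain.
# OU names, group names and the function name are assumptions for illustration.
Import-Module ActiveDirectory

$domainDn = (Get-ADDomain).DistinguishedName
$tiers    = @('Tier0', 'Tier1', 'Tier2')

# 1. One OU per tier, each with an 'Admins' sub-OU holding that tier's dedicated
#    admin accounts and a global security group that represents the tier's admins.
foreach ($tier in $tiers) {
    $tierDn = "OU=$tier,$domainDn"
    if (-not (Get-ADOrganizationalUnit -LDAPFilter "(ou=$tier)" -SearchBase $domainDn -SearchScope OneLevel)) {
        New-ADOrganizationalUnit -Name $tier -Path $domainDn -ProtectedFromAccidentalDeletion $true
    }
    if (-not (Get-ADOrganizationalUnit -LDAPFilter "(ou=Admins)" -SearchBase $tierDn -SearchScope OneLevel -ErrorAction SilentlyContinue)) {
        New-ADOrganizationalUnit -Name 'Admins' -Path $tierDn -ProtectedFromAccidentalDeletion $true
    }
    $groupName = "$tier-Admins"
    if (-not (Get-ADGroup -LDAPFilter "(sAMAccountName=$groupName)")) {
        New-ADGroup -Name $groupName -SamAccountName $groupName -GroupScope Global `
                    -GroupCategory Security -Path "OU=Admins,$tierDn"
    }
}

# 2. Audit: a user that is (directly or through nesting) a member of admin groups in
#    more than one tier breaks the model, because compromising that one account in a
#    lower tier hands over administrative rights in a higher one.
function Get-TierViolation {
    # Built-in AD groups with control over the directory are Tier 0 by definition.
    $tierGroups = @{
        Tier0 = @('Tier0-Admins', 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators')
        Tier1 = @('Tier1-Admins')
        Tier2 = @('Tier2-Admins')
    }
    $membership = @{}   # SamAccountName -> set of tiers the account administers
    foreach ($tier in $tierGroups.Keys) {
        foreach ($g in $tierGroups[$tier]) {
            $grp = Get-ADGroup -LDAPFilter "(sAMAccountName=$g)"
            if (-not $grp) { continue }   # group not present in this domain
            Get-ADGroupMember -Identity $grp -Recursive |
                Where-Object { $_.objectClass -eq 'user' } |
                ForEach-Object {
                    if (-not $membership.ContainsKey($_.SamAccountName)) {
                        $membership[$_.SamAccountName] = [System.Collections.Generic.HashSet[string]]::new()
                    }
                    [void]$membership[$_.SamAccountName].Add($tier)
                }
        }
    }
    foreach ($sam in $membership.Keys) {
        if ($membership[$sam].Count -gt 1) {
            [pscustomobject]@{ Account = $sam; Tiers = ($membership[$sam] | Sort-Object) -join ',' }
        }
    }
}

# Every row returned is an account that must be split into one dedicated account per tier.
Get-TierViolation | Format-Table -AutoSize
```

Run the audit on a schedule rather than once: nested group changes and emergency "temporary" memberships are how cross-tier accounts usually creep back in, and an empty result is the state the model expects.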
The biggest security threats today
When we look at the vast threat landscape, cyber threats and security standards come in all shapes and sizes, with varying degrees of impact. Some of the biggest threats today include:
- The number and sophistication of cyberattacks, including ransomware, phishing, pass-the-hash, etc.
- Supply chain attacks, whereby compromised vendors’ development assets lead to increased security risk for the vendors and their clients
- Cloud-based resources: the complexity, diversity and proliferation of cloud solutions increase the risk of misconfiguration and the overall attack surface of an organization
- IoT and OT device security, as these devices become an increasingly common attack target
- The rise of AI, used both for offensive and defensive elements of cybersecurity
- The shortage of skills and training
- Increased regulations and demand for compliance
Benefits of a tiered administration model
While tiered administration adds some administrative overhead to create and manage separate accounts, the benefits outweigh the overhead. With it deployed, you can:
- Reduce the risk of lateral movement within the environment. In an on-premises Active Directory environment, lateral movement is the technique attackers use to move from one system to another within the network, often using privileged accounts that have access to multiple systems. To do so, attackers rely on several techniques, including credential theft and pass-the-hash.
- Reduce the risk of unauthorized access. By implementing a tiered administration model, organizations can limit the access of lower-tiered staff to sensitive data and systems. This reduces the risk of unauthorized access and data breaches.
- Enhance control of system configurations. With tiered administration, each tier has specific responsibilities and access levels. This can help prevent unauthorized changes to system configurations and reduce the risk of system failures or data loss.
- Gain more effective management of privileged accounts. Tiered administration can help organizations manage privileged accounts more effectively. Higher-tiered staff can be given the responsibility of managing privileged accounts, ensuring that they are only used for authorized purposes and reducing the risk of misuse.
- Improve visibility into your systems with security monitoring. By assigning specific security monitoring responsibilities to higher-tiered admins, organizations can detect security threats and address them in a timely manner. This reduces the risk of security incidents going unnoticed and limits the potential damage to the organization.
Although a tiered administration model does not guarantee that the attack techniques described above cannot be used, it greatly reduces both their likelihood and their impact, should they occur.
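The lateral-movement and monitoring points above come together in logon telemetry: under a tiered model, a logon whose account tier differs from the host tier should not happen, so it is a high-value detection. The PowerShell below is an added example, not from the original article or from Quest Software. It runs such a cross-tier check over constructed records shaped like the fields of Security event 4624 (successful logon); the account names, host names, tier maps and the `Find-CrossTierLogon` function are all assumptions made for illustration.

```powershell
# Added example, not from the original article. The records below are constructed
# to resemble Security event 4624 fields as exported from a SIEM or Get-WinEvent;
# account names, host names and tier assignments are invented for illustration.
# In practice, derive both tier maps from the tier OUs and admin groups.
$tierOfAccount = @{
    'adm-t0-alice' = 0   # dedicated Tier 0 admin account
    'adm-t1-bob'   = 1   # dedicated Tier 1 admin account
    'jdoe'         = 2   # ordinary end user
}
$tierOfHost = @{
    'DC01'   = 0; 'DC02'   = 0     # domain controllers
    'FS01'   = 1; 'MAIL01' = 1     # file and mail servers
    'WS-042' = 2; 'WS-117' = 2     # end-user workstations
}

# Constructed sample logons (Time, Account, Computer, LogonType, AuthPkg as in 4624)
$events = @(
    [pscustomobject]@{ Time='2024-05-01T08:01:00'; Account='adm-t0-alice'; Computer='DC01';   LogonType=2;  AuthPkg='Kerberos' }
    [pscustomobject]@{ Time='2024-05-01T08:15:00'; Account='adm-t0-alice'; Computer='WS-042'; LogonType=10; AuthPkg='NTLM' }
    [pscustomobject]@{ Time='2024-05-01T09:02:00'; Account='adm-t1-bob';   Computer='FS01';   LogonType=3;  AuthPkg='Kerberos' }
    [pscustomobject]@{ Time='2024-05-01T09:30:00'; Account='adm-t1-bob';   Computer='DC02';   LogonType=3;  AuthPkg='NTLM' }
    [pscustomobject]@{ Time='2024-05-01T10:00:00'; Account='jdoe';         Computer='WS-117'; LogonType=2;  AuthPkg='Kerberos' }
    [pscustomobject]@{ Time='2024-05-01T10:05:00'; Account='unknown-svc';  Computer='DC01';   LogonType=3;  AuthPkg='NTLM' }
)

function Find-CrossTierLogon {
    param([object[]]$Events, [hashtable]$AccountTier, [hashtable]$HostTier)
    foreach ($e in $Events) {
        if (-not $AccountTier.ContainsKey($e.Account) -or -not $HostTier.ContainsKey($e.Computer)) {
            # Unclassified account or host: report it so the tier maps get completed,
            # otherwise an attacker-created account would slip past the check.
            [pscustomobject]@{ Time=$e.Time; Account=$e.Account; Computer=$e.Computer
                               Finding='unclassified account or host' }
            continue
        }
        $a = $AccountTier[$e.Account]
        $h = $HostTier[$e.Computer]
        if ($a -lt $h) {
            # Higher-tier credential used on a lower-tier host. Logon type and package
            # indicate whether reusable secrets were left on that host (interactive/RDP
            # and NTLM are the cases that expose the credential to theft).
            [pscustomobject]@{ Time=$e.Time; Account=$e.Account; Computer=$e.Computer
                               Finding="Tier $a account used on Tier $h host (logon type $($e.LogonType), $($e.AuthPkg))" }
        } elseif ($a -gt $h) {
            # Lower-tier account reaching a higher-tier host: the model should make this impossible.
            [pscustomobject]@{ Time=$e.Time; Account=$e.Account; Computer=$e.Computer
                               Finding="Tier $a account logged on to Tier $h host" }
        }
        # Same tier on both sides: expected, no finding.
    }
}

Find-CrossTierLogon -Events $events -AccountTier $tierOfAccount -HostTier $tierOfHost | Format-Table -AutoSize
```

On the constructed data this yields three findings: the Tier 0 admin's RDP/NTLM logon to a workstation, the Tier 1 admin's logon to a domain controller, and the unclassified service account on DC01. The first is the one that deserves a same-day response, because an interactive logon leaves credential material on a machine outside Tier 0, which is precisely what pass-the-hash and credential theft exploit.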
This article originally appeared on Quest Software’s official blog.