Interior Page Icon

Secure Administration

Securing the Keys to the Kingdom

The BIG Idea

By using secure system administration and management capabilities, an organization can substantially reduce the opportunities for advanced adversaries to gain elevated privileges and wide-spread network access.

Cyber Resiliency Goals & Objectives

The Secure Administration supports the cyber resiliency Anticipate and Withstand goals and the Prevent and Prepare objectives.

Design Principles

The design principles for secure administration create a more resilient enterprise infrastructure by making it more difficult for adversaries and non-administrative users to gain access via unauthorized, privileged actions.

What Can Be Done Now

The following resiliency techniques can help transform business processes and redesign systems to use existing technologies more effectively:

The Right People & Policies

Creating a foundation of resiliency requires specific skills and policies, including:

Cyber Attack Lifecycle

Using the cyber resiliency techniques, coordinated defense, privilege restriction, and segmentation, as described above, defenders can impede the adversary's attack on the enterprise and limit the damage the malware causes. The use of coordinated defense, privilege restriction, and segmentation impede the adversary's ability to initiate the exploit. When the adversary attempts to manage the initial victims both privilege restriction and segmentation limits and impedes these efforts. Coordinated defense in concert with privilege restriction and segmentation limit and impede the adversary's ability to execute the attack plan and maintain a presence in the enterprise.

Synergies and Barriers

Synergies among practices include Privilege Restriction and Segmentation. Applying these practices will reduce opportunities for adversaries to gain elevated privileges and wide-spread network access.

Barriers to adoption include:

Just Ahead

Secure administration practices must adjust to emerging technologies. Virtualization, for example, requires both host and guest platforms to be securely administered. Virtual and software-defined networks modify network routing, making management more challenging, while biometrics and new authentication approaches may offer better protection of administrator accounts.

See Key Concepts and Terms for definitions

Previous Activity Back to Menu Next Activity