Stop hackers from walking on the eggshells protecting your datacenter
By: 22 Aug 2015 at 13:30, Trevor PottSysadmin Blog In case you hadn't noticed, IT security sucks. There is a chronic lack of people trained in IT security, people who will listen to IT security, and even a lack of agreement on how best to go about IT security. Fortunately, a new generation of startups are helping to tackle the issues.
No matter how good a sysadmin you think you are, your network will eventually be compromised. This is a huge problem, because "eggshell security" is still the dominant security model in most data centers.
Eggshell security is the traditional model of having a hardened outer layer of edge defences and a network that is essentially wide open, once the attacker has made it past the perimeter defences.
Administrative account and password reuse is rampant, few systems behind the outer defences have proper firewalls, security auditing is practically nonexistent, and file shares that are open to any user are everywhere.
full article