Sometimes encryption can actually make you less secure

If your data center is in a colocation facility, you might not trust the physical security enough and this makes eminent sense. If you need to see inside the encrypted traffic before it reaches your servers, you can utilize a reverse proxy or load balancer on inbound connections. Since you have no a...

Full description

Saved in:
Bibliographic Details
Published inCSO (Online)
Main Author Tavakoli, Oliver
Format Trade Publication Article
LanguageEnglish
Published Framingham Foundry 05.03.2018
Subjects
Computer centers
Data encryption
Encryption
Infrastructure
Internet
Portable computers
Ransomware
Servers
Online AccessGet full text

Cover

More Information
Summary:If your data center is in a colocation facility, you might not trust the physical security enough and this makes eminent sense. If you need to see inside the encrypted traffic before it reaches your servers, you can utilize a reverse proxy or load balancer on inbound connections. Since you have no actual control over the network infrastructure carrying your data across the internet, insisting on encryption for this traffic makes sense. With encrypted SMB v3 deployed: * Ransomware encrypting remote file systems becomes invisible (until someone stumbles across an encrypted file on the file server). * Lateral movement via psexec or a myriad of other RPC UUIDs becomes invisible. * Reconnaissance using RPC UUIDs becomes invisible. * Brute-force password guessing of local accounts on another system becomes invisible.