Potential Value Opportunities
Potential Challenges
Security Vendor Lock-in Risks
security-vendor-challenges-Is Microsoft Lock-In the Right Strategy for your Org.pdf. link
Microsoft server software has always had higher security risks than other architectures (see Fidelity issues 2012 and the Microsoft Certification Environment)
Security risks using Microsoft Azure security (many of these exist on other platforms as well)
- Unauthorised access: Bad actors can use stolen subscription credentials to run harmful scripts.
- Data breaches: These can be caused by application vulnerabilities or storage container misconfigurations, which can lead to unauthorized access or data leakage.
- Misuse of platform access: Azure administrators should be aware of this risk.
- Insider threats: These can include employees with existing permissions.
- Access token abuse and leakage
- Lateral movement from compromised workloads
- Compromised third-party partners with privileged permissions
- Credentials theft
- Reconnaissance with search engines
- Data collection by blob hunting
- Microsoft Entra ID complexity
- Azure Container Registry and AKS vulnerabilities
Mitigations
- Encrypt sensitive data at rest and in transit
- Implement secure coding practices
- Regularly patch and update applications
- Use Azure Key Vault for secure key management
- Employ Azure Security Center for continuous monitoring and threat detection
- Lock down management ports
- Scope permissions tightly using tools like Privileged Identity Management
- Segment your network properly with private endpoints, service endpoints, and network security groups
- Continuously monitor activity logs
- Perform penetration testing
VPN Security Challenges or Zero Trust Network Access (ZTNA)
https://www.esecurityplanet.com/networks/vpn-security/
...
VPNs improve Wi-Fi security
Many of these mobile workers use public Wi-Fi to access corporate data, and more than one-third never use a VPN to protect their data even though two-thirds are concerned about public Wi-Fi security, according to a survey by iPass. VPN remains a viable option for securing data transferred over public Wi-Fi.
VPN risks
Are VPNs safe? Admittedly, there are security risks associated with VPNs. These include VPN hijacking, in which an unauthorized user takes over a VPN connection from a remote client; man-in-the-middle attacks, in which the attacker is able to intercept data; weak user authentication; split tunneling, in which a user is accessing an insecure Internet connection while also accessing the VPN connection to a private network; malware infection of a client machine; granting too many network access rights; and DNS leak, in which the computer uses its default DNS connection rather than the VPN’s secure DNS server.
...
6 sigma quality for SMPE (Service Management Policy Effectiveness) for prevention and remediation of service quality problems
6 sigma - a process being 99.9997% defect-free
Six Sigma is a set of tools and methodologies that businesses use to improve processes by reducing defects and errors, minimizing variation, and increasing quality and efficiency. The goal is to achieve a level of quality that is nearly perfect, with only 3.4 defects per million opportunities (DPMO), which is considered a "six sigma" level. This level of performance equates to a process being 99.9997% defect-free.
https://www.simplilearn.com/what-is-six-sigma-a-complete-overview-article
Aggregated service quality calculations
Assume a primary service invokes up to 50 dependent services when processing all the APIs in its contract.
Every individual service is rated very high quality (e.g. 0.999 reliability).
The aggregated quality shows the consolidated impact of 50 services that all have that quality rating.
aggregate quality | service quality | service count |
---|---|---|
0.7783125571 | 0.995 | 50 |
0.9512056282 | 0.999 | 50 |
0.952157786 | 0.999 | 49 |
0.9426362081 | 0.99 | 1 |
The aggregated quality of the consolidated services is very low.
Key points
- Aggregated service quality is below each individual service quality
- How do we measure the service quality of each individual service?
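The aggregation arithmetic above, as an added example that is not part of the original page. It assumes a request succeeds only when every dependency succeeds, that failures are independent, and that per-service quality can be taken as a success ratio from call counters; the service names and counters are constructed. It goes beyond the table by inverting the calculation to find the per-service quality a target aggregate requires.

```python
import math

def aggregate_quality(qualities):
    """Chance a request succeeds when every dependency must succeed.
    Assumes independent failures and one call per dependency."""
    return math.prod(qualities)

def required_per_service(target, count):
    """Quality each of `count` equal dependencies needs for the aggregate
    to reach `target` (inverse of q ** count)."""
    return target ** (1.0 / count)

def dpmo(quality):
    """Defects per million opportunities for a quality ratio."""
    return (1.0 - quality) * 1_000_000

def measured_quality(calls, failures):
    """Observed quality of one service from its call counters (assumed metric)."""
    if calls <= 0 or not 0 <= failures <= calls:
        raise ValueError("need calls > 0 and 0 <= failures <= calls")
    return (calls - failures) / calls

def weakest_service(counters):
    """Name of the dependency with the lowest observed quality."""
    return min(counters, key=lambda name: measured_quality(*counters[name]))

# Constructed sample counters: service name -> (calls, failures).
SAMPLE_COUNTERS = {
    "auth": (200_000, 40),
    "catalog": (150_000, 150),
    "billing": (50_000, 500),
}

if __name__ == "__main__":
    # First three rows of the table above.
    for q, n in ((0.995, 50), (0.999, 50), (0.999, 49)):
        print(f"{aggregate_quality([q] * n):.10f} | {q} | {n}")
    # 49 services at 0.999 plus one at 0.99 gives the table's last aggregate.
    print(f"{aggregate_quality([0.999] * 49 + [0.99]):.10f} | mixed | 50")
    # What each of 50 services must deliver for a 0.999 aggregate.
    need = required_per_service(0.999, 50)
    print(f"needed per service: {need:.7f} ({dpmo(need):.1f} DPMO)")
    # Even 50 six-sigma services (3.4 DPMO each) aggregate below six sigma.
    print(f"50 six-sigma services: {aggregate_quality([0.9999966] * 50):.7f}")
    observed = [measured_quality(*c) for c in SAMPLE_COUNTERS.values()]
    print(f"observed aggregate: {aggregate_quality(observed):.6f}, "
          f"weakest: {weakest_service(SAMPLE_COUNTERS)}")
```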
Candidate Solutions
Open-source security Tools
...