Castle-and-moat security - great for 11th Century castles, but it’s time to move on
Castle-and-moat as a physical security measure doesn’t need much explanation if you’ve ever spent a grey Bank Holiday afternoon traipsing round one of Britain’s historical fortresses. Digging a trench round a building and filling it with water was a fashionable means of protection for centuries, reaching its high water mark after the Norman invasion.
In IT, it has come to describe an approach for protecting data and systems which is equally familiar and traditional.
This blog explains what castle-and-moat means in an IT context, and why it no longer offers adequate protection for our increasingly complex and critical IT systems against ever more sophisticated and lucrative cybercrime attacks.
What is the IT castle-and-moat security model?
IT castle-and-moat security means building a secure perimeter (the moat) around all your IT assets (the castle) and controlling access via a single protected point of entry.
This single point of entry is guarded by measures that have evolved as cybercrime threats have grown, and as the need for systems to communicate beyond the corporate perimeter has mushroomed.
A typical perimeter may have corporate directory systems and VPNs to validate and secure individual user connections, sophisticated firewalls for system to system communications, AV systems to block viruses, and proxies to prevent direct access.
As corporate IT estates have grown more complex and valuable, some of this security has been extended to operate within the perimeter. Administrator passwords and secure vaults for payment data can be seen as virtual equivalents of placing extra guards around the treasury and the monarch’s quarters within the castle walls.
Fundamentally, the castle-and-moat security model sets out to balance the competing needs of security and legitimate access by making the IT perimeter hard to enter, but having minimal checks once the user or other agent is inside.
Castle-and-moat and the changing IT and cybercrime landscape
IT systems have become more complicated over time. The distinction between internal and external corporate systems has become increasingly blurred, creating new security challenges.
With the growth of Cloud, there’s often no longer a clear single physical datacentre to protect, activities like mergers and acquisitions require rapid delivery of solutions for systems to talk across corporate boundaries, the use of APIs enables businesses to harness rich digital capabilities by opening up website assets to external developers, and so on.
System and data assets have become ever more valuable and critical to an enterprise’s success.
The cyber threat landscape has evolved as systems have grown and become more business-critical. Until the mid-2000s, headline-grabbing cyber attacks stemmed mostly from viruses intended to cause direct damage, theft or leakage of sensitive financial data, or denial of service (DoS) attacks meant to bring down websites.
Castle-and-moat security has evolved over time to be more effective at detecting and heading off these attacks, but the growth of ransomware is changing that.
How ransomware defeats castle-and-moat
Ransomware is a type of cyberattack which specifically sets out to hold a company’s IT or data to ransom, and it’s a rapidly growing threat. It can be both highly lucrative and alarmingly straightforward for criminals to carry out. Ransomware can be acquired online, and ransomware as a service has entered the cybercrime vocabulary. We explore ransomware in more detail in another blog post.
Ransomware defeats castle-and-moat security by finding ways past perimeter security. Once it has breached the perimeter it effectively wanders around the ‘castle’ undetected, watching, learning and looking for vulnerabilities it can exploit, for example harvesting administrator passwords or learning ways into secure zones.
Ransomware perpetrators have found many ways to breach perimeter security, from advanced malware, perhaps inserted into a legitimate API or external software, to duping or coercing employees with cleverly disguised phishing attacks or even blackmail.
Potentially high returns and sophisticated, easily available ransomware tools are driving a sharp increase in ransomware attacks. The head of the UK GCHQ recently stated that UK ransomware attacks have doubled in the past year.
It seems clear that dealing with the ransomware threat requires a move away from the traditional castle-and-moat security model.
What can be done – Zero Trust Security
An emerging security model that addresses the challenges of castle-and-moat is Zero Trust Security.
As the name suggests, Zero Trust effectively trusts no-one and nothing, whether it’s from inside or outside the corporate perimeter. Checks and security at each point in the system mean that, for example, even an administrator password no longer gives free rein; instead, every transaction is revalidated for security.
It shifts the balance between security and legitimate access by scrutinizing every interaction. There is technology available now that enables this shift without compromising accessibility, and it can be applied selectively so that ransomware attack impacts can be contained to less critical systems and data, with zero trust security systems isolated from the attack.
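To make the contrast between the two models concrete, here is an added example (not code from the original post or from Coliance) that evaluates the same access request under a castle-and-moat policy and a zero trust policy. The network range, resources, roles and the stolen-password scenario are all constructed for illustration.

```python
from dataclasses import dataclass
import ipaddress

# Constructed sample data: a hypothetical internal network and resource policy.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
RESOURCE_POLICY = {
    # resource: (roles granted access, MFA required, compliant device required)
    "wiki":          ({"staff", "admin"}, False, False),
    "payment-vault": ({"finance"},        True,  True),
    "domain-admin":  ({"admin"},          True,  True),
}

@dataclass
class Request:
    user: str
    roles: set
    src_ip: str
    resource: str
    mfa_verified: bool = False
    device_compliant: bool = False
    password_ok: bool = True

def perimeter_allows(req: Request) -> bool:
    """Castle-and-moat: one check at the edge, then implicit trust inside."""
    inside = ipaddress.ip_address(req.src_ip) in INTERNAL_NET
    return inside and req.password_ok

def zero_trust_allows(req: Request) -> bool:
    """Zero trust: re-evaluate identity, device and per-resource policy on every request."""
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None or not req.password_ok:
        return False  # unknown resource or failed credential check
    allowed_roles, need_mfa, need_device = policy
    if not (req.roles & allowed_roles):
        return False  # least privilege: an admin role grants nothing on the vault
    if need_mfa and not req.mfa_verified:
        return False  # a harvested password alone is not enough
    if need_device and not req.device_compliant:
        return False  # device posture is checked on every request, not once at the moat
    return True

# Scenario from the post: a harvested admin password used from an internal host.
stolen_admin = Request(user="admin", roles={"admin", "staff"},
                       src_ip="10.1.2.3", resource="payment-vault")
```

Under the perimeter model the stolen admin password reaches the payment vault because the request originates inside the castle; under zero trust the same request is refused, while access to a less critical resource such as the wiki still works, which is the selective containment the paragraph above describes.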
How Coliance can help
At Coliance, we have extensive experience and expertise in creating effective supply chain solutions for our clients, and we can help your business evolve from castle-and-moat to zero trust to tackle the growing ransomware threat.
As an IBM Gold Business Partner, we leverage the value of IBM Sterling solutions from secure file gateways to SFTP, the established industry standard capabilities of MQ messaging, and the power of effective API integration management cloud solutions to deliver the secure, future-ready B2B solutions our clients require.