Monthly Archives: January 2020

Automating Security

One of the most exploited security weaknesses that leads to data breaches is device misconfigurations, Some of these misconfigurations are:

  • Not changing the default passwords
  • Not cleaning up unused user accounts
  • Failing to remove unused / temporary access
  • Inability to cope with changes
  • Overly complex policies
  • Creating incorrect or non compliant policies
  • Changing wrong policies

Compared to security device flaws, misconfigurations can be mitigated by enforcing strict procedures as well as automation. Automating security configuration will eliminate human errors amidst the complex and rapidly changing environment.  For instance, Operating System images can be defined in a template format which have been hardened with the necessary configurations.  Orchestration tools such as Puppet, Ansible, or Chef are then used to deploy and implement automatically.