Security through Configuration Control at Scale An Introduction to Ansible

January 1, 1900

"The ability for companies and individuals to deploy infrastructure to cloud service providers has led to the rapid growth and visibility of numerous new products and services. While the ease and speed of deployment allows companies to quickly respond to changes in the marketplace, it also presents challenges to ensure secure deployment, configuration, and management of the supporting infrastructure. While proper use of any configuration management tool can improve the reliability and security of a deployment, the relative steep learning curve, agent based host management, and potentially vulnerable communication methods of the major offerings present additional challenges to their secure implementation. The agentless, Secure Shell (SSH) communication, Python and YAML Ain’t Markup Language (YAML) based product Ansible, a relative newcomer to the field of configuration management, provides a capability that is easy to learn while providing secure and scalable implementation at scale. This paper will identify the major differences between Ansible and other configuration management tools in order to identify possible implications to information security practitioners. Additionally, previously unidentified information security specific uses for Ansible will be identified and discussed as a driver for further research."

Spotlight

CDW

In every organization, there are people who get technology. And people who don't. This is where CDW comes in. CDW is a leading provider of technology solutions for business, government, education and healthcare in the US and Canada. We're a 6,000-plus-member team.

OTHER WHITEPAPERS
news image

INDUSTRIAL CYBER RISK MANAGEMENT

whitePaper | May 21, 2021

Critical infrastructure owners and operators have managed industrial risk for hundreds of years. This risk is usually measured in impact to health, safety, and reliability. As these industrial systems become increasingly digitized, so does the risk. What were once seen as isolated, manual processes have become reliant on communication networks and digital devices.

Read More
news image

Google Cloud security foundations guide

whitePaper | April 19, 2021

This guide presents an opinionated view of Google Cloud security best practices, organized to allow users to adopt or adapt them and then automatically deploy them for their estates on Google Cloud. This document can be useful to you if you are a CISO, security practitioner, risk or compliance officer.

Read More
news image

Cybersecurity: Experience and best practices during COVID-19 pandemic

whitePaper | July 6, 2020

With this white paper focused on the emerging cyber threat that we world is facing during the COVID-19 crisis, NETIA wish to share his experience, his initiatives and his knowledge on those topics.

Read More
news image

Avoiding the Security Pitfalls of Digital Transformation

whitePaper | April 1, 2020

Avoiding the Security Pitfalls of Digital Transformation is a webinar that will explore how organizations can cut through the noise and make a success of cloud transformation, leveraging the benefits of cloud technologies including efficiency, agility and scalability while avoiding the pitfalls.

Read More
news image

Understanding Ransomware and Strategies to Defeat it

whitePaper | March 5, 2020

Held Hostage in Hollywood: In February 2016 the Hollywood Presbyterian Medical Center, in Los Angeles, paid a ransom of about US$17,000 to hackers who infiltrated and disabled its computer network with ransomware. The hospital paid the ransom of 40 Bitcoins (currently worth about $16,664) after a “network infiltration” began on February 5, when employees reported being unable to access the hospital’s network and electronic medical records system. “The malware locked access to certain computer systems and prevented us from sharing communications electronically,” said hospital CEO Allen Stefanek.

Read More
news image

Network Traffic Analysis (NTA): A Cybersecurity ‘Quick Win’

whitePaper | February 27, 2020

According to research from ESG and the Information Systems Security Association (ISSA), 91% of cybersecurity professionals believe that most organizations are either extremely or somewhat vulnerable to a significant cyber-attack or data breach.1 This level of cyber-risk demands immediate attention and action from CISOs, CIOs, and business executives. As a result, 62% of organizations plan to increase cybersecurity spending in 2020.2 Here’s the problem: Increasing security budgets alone isn’t enough. CISOs need quick and easy wins that can greatly bolster security efficacy and streamline operations without demanding massive projects and vast resources. There is a lot of work ahead. This white paper concludes.

Read More

Spotlight

CDW

In every organization, there are people who get technology. And people who don't. This is where CDW comes in. CDW is a leading provider of technology solutions for business, government, education and healthcare in the US and Canada. We're a 6,000-plus-member team.

Events