Ev Kontsevoy shares a simple framework for how to think about secure infrastructure access, about its complexity, and a possible solution.
Can you enumerate every single network socket which can be used to hack into your cloud environment and steal your data?
When counting, are you including the laptops of people who already authenticated and have access? The purpose of opening with this question is not to instill fear. Trying to answer it probably leads to “it’s complicated” and the complexity of access is what this article will cover.
Complexity is our collective enemy in the computing industry. Complex systems are admired, yet they are hard to reason about, hard to secure, and let’s not forget — often unpleasant to use.