Date:
12 May 2023
Author:
Salsa Digital Security Team

Defense in depth and the infrastructure layer

In the context of web applications like Drupal, the infrastructure layer represents the foundation that powers and supports the application itself. This includes the underlying hardware, virtual machines, networking components and storage systems. The infrastructure layer plays a crucial role in the overall security and performance of a Drupal website, making it a key element within Salsa’s Defense in Depth Drupal 7 Security Hosting Framework.

The defense in depth approach to security emphasises the implementation of multiple layers of protection, acknowledging that no single security measure is foolproof. By employing a range of complementary security controls, the overall security posture is strengthened. The infrastructure layer is an essential part of this framework, as it provides the foundation on which all other layers rely. Ensuring the security of the infrastructure layer helps prevent unauthorised access, data breaches and service disruptions, ultimately protecting the entire Drupal 7 application.

As Drupal 7 approaches its End-of-Life, maintaining strong security measures becomes increasingly important. Without continued support and updates, Drupal 7 websites become more vulnerable to emerging threats. By implementing a comprehensive defense in depth strategy, including securing the infrastructure layer, organisations can mitigate these risks and maintain a secure web presence even after the End-of-Life date.

Security risks and challenges

The infrastructure layer faces five security risks and challenges:

  1. Unauthorised access
  2. Infrastructure vulnerabilities and exploits
  3. Distributed denial of service (DDoS) attacks
  4. Insufficient data protection
  5. Single points of failure

1. Unauthorised access

A lack of proper access controls and network security measures can lead to unauthorised access to the infrastructure layer. This may result in data breaches, tampering with server configurations, or the injection of malicious code into the Drupal 7 application. Ensuring that access is limited to authorised personnel and that robust authentication mechanisms are in place can help mitigate this risk.

2. Infrastructure vulnerabilities and exploits

Outdated or misconfigured components within the infrastructure layer may expose vulnerabilities that can be exploited by attackers. These vulnerabilities can include weaknesses in hardware components, virtual machines and networking equipment. Regularly monitoring for new vulnerabilities, updating software, and patching any identified weaknesses is crucial for maintaining a secure infrastructure.

3. Distributed denial of service (DDoS) attacks

A DDoS attack aims to overwhelm the target infrastructure by sending a massive amount of traffic from multiple sources. By overloading the servers, attackers can cause service disruptions or even crash the entire Drupal 7 application. Implementing network security measures such as traffic filtering techniques can help protect the infrastructure layer from DDoS attacks.

4. Insufficient data protection

Failure to implement proper data protection in the infrastructure layer can leave sensitive data exposed during transmission or storage. Ensuring that all data is encrypted both at rest and in transit helps protect it from unauthorised access and ensures compliance with various data protection regulations.

5. Single points of failure

Infrastructure components that lack redundancy can become single points of failure, causing service disruptions and potential data loss if they fail. By identifying and mitigating single points of failure, organisations can increase the resiliency and stability of their Drupal 7 application infrastructure.

Top 10 best practices and recommendations

Below we’ve put together our top 10 best practices/recommendations for securing the infrastructure layer:

  1. Implement strong access controls
  2. Keep infrastructure components updated
  3. Deploy network security measures
  4. Encrypt data at rest and in transit
  5. Monitor infrastructure performance and security
  6. Harden infrastructure components
  7. Implement backup and disaster recovery strategies
  8. Segment and isolate sensitive systems
  9. Conduct regular security audits and assessments
  10. Foster a security-oriented culture

1. Implement strong access controls

Access controls are essential for limiting who has access to the infrastructure layer and ensuring that only authorised personnel can perform actions on critical systems. It’s also important to ensure services that access other services have a very tightly scoped set of permissions. To achieve strong access control, organisations should use Role Based Access Control models using least privilege approach and enforce the use of multifactor authentication where possible.

Security benefits: Implementing strong access controls prevents unauthorised users or services from accessing critical infrastructure components, thereby reducing the risk of data breaches, unauthorised configuration changes and other security threats.

Actionable steps:

  1. Create unique accounts for users and services that require access to the infrastructure layer.
  2. Implement role based access control to ensure that users only have the permissions needed for their specific roles.
  3. Enforce multifactor authentication for all accounts that require escalated privileges or access to sensitive components, to provide an additional layer of security during the authentication process.
  4. Regularly review and update access controls and permissions to reflect organisational or operational changes.

2. Keep infrastructure components updated

Keeping infrastructure components updated helps protect against known vulnerabilities and exploits, ensuring that the infrastructure layer remains secure and stable. Regularly updating hardware, virtual machines, and networking components helps address vulnerabilities and improve the overall security posture of the infrastructure layer.

Security benefits: By updating infrastructure components, organisations can protect against known exploits and reduce the risk of unauthorised access or service disruptions due to unpatched vulnerabilities.

Actionable steps:

  1. Set up a regular update schedule for all infrastructure components.
  2. Monitor security bulletins and industry news for newly discovered vulnerabilities and patches.
  3. Test updates in a staging environment before deploying them to production.
  4. Track and document all updates to ensure a consistent update process.

3. Deploy network security measures

Implementing network security measures helps protect the infrastructure layer from threats such as DDoS attacks, unauthorised access, and data breaches. Network security measures can include firewalls, intrusion detection/prevention systems (IDPS), private subnets and virtual private networks (VPN).

Security benefits: These security measures help safeguard the infrastructure layer by monitoring network traffic, blocking unauthorised access and preventing potential attacks.

Actionable steps:

  1. Set up a firewall to restrict incoming and outgoing traffic based on predefined rules.
  2. Deploy an IDS to monitor network traffic for suspicious activity and alert administrators of potential security incidents.
  3. Implement an IPS to actively block detected threats and prevent potential attacks.
  4. Place sensitive components (such as database instances or network file systems) on private subnets to prevent them from being exposed to the public internet.
  5. Use a VPN to secure communication between remote users and the infrastructure layer.

4. Encrypt data at rest and in transit

Encrypting data helps protect sensitive information from unauthorised access, ensuring that it remains secure throughout its lifecycle. Data encryption is the process of converting plaintext data into ciphertext, rendering it unreadable without the proper decryption key.

Security benefits: By encrypting data both at rest (stored on disk) and in transit (during communication), organisations can ensure that sensitive data remains protected from unauthorised access, even if it falls into the wrong hands.

Actionable steps:

  1. Implement disk encryption for all storage devices containing sensitive data.
  2. Use secure communication protocols (e.g. HTTPS, SFTP) for transmitting data between systems.
  3. Establish a key management process to renew encryption keys periodically.
  4. Regularly review and update encryption algorithms and key management practices to maintain strong data protection.

5. Monitor infrastructure performance and security

Monitoring the performance and security of the infrastructure layer enables organisations to quickly identify and address potential issues, ensuring optimal uptime and security. Infrastructure monitoring may track the performance, availability and security of hardware, virtual machines and networking components.

Security benefits: By monitoring infrastructure components, organisations can detect and respond to performance issues, security incidents and other anomalies before they lead to significant downtime or breaches.

Actionable steps:

  1. Define key metrics such as performance, security or availability of infrastructure to be monitored as well as their acceptable levels.
  2. Implement monitoring tools to track the various attributes of infrastructure components.
  3. Set up alerts and notifications in line with defined metrics and acceptable levels to capture critical performance or security events.
  4. Regularly review monitoring data to identify trends and potential areas for improvement.
  5. Incorporate monitoring data into incident response plans and processes.

6. Harden infrastructure components

Hardening infrastructure components helps reduce the attack surface and improve the overall security posture of the infrastructure layer. Infrastructure hardening involves disabling unnecessary services or features and configuring components to minimise vulnerabilities.

Security benefits: By hardening infrastructure components, organisations can minimise the risk of unauthorised access, service disruptions and other security threats.

Actionable steps:

  1. Review and formulate hardening guidelines for all infrastructure components.
  2. Disable or remove unnecessary services and features.
  3. Always configure new components according to established guidelines.
  4. Regularly audit and update hardening measures to ensure ongoing security.

7. Implement backup and disaster recovery strategies

Backing up critical data and implementing disaster recovery strategies helps ensure business continuity in the event of data loss or service disruptions. Backup and disaster recovery strategies involve creating regular backups of critical data, infrastructure configurations and other necessary components and implementing procedures for recovering from potential disasters.

Security benefits: These strategies help organisations quickly recover from service disruptions or security incidents that could impact the infrastructure layer, reducing downtime and minimising the impact of such incidents on the organisation.

Actionable steps:

  1. Create regular backups of critical data and infrastructure configurations.
  2. Store backups offsite or in a secure cloud storage location.
  3. Test backup and recovery procedures regularly to ensure effectiveness.
  4. Review and update disaster recovery plans and procedures as needed to account for changes in the infrastructure layer.

8. Segment and isolate sensitive systems

Segmenting and isolating sensitive systems helps protect them from unauthorised access and potential attacks. Network segmentation involves dividing the infrastructure layer into separate zones based on sensitivity, function, or risk, while isolation involves restricting access to sensitive systems to only authorised users or devices.

Security benefits: By segmenting and isolating sensitive systems, organisations can limit the potential impact of security incidents, prevent unauthorised access and contain potential threats.

Actionable steps:

  1. Identify sensitive systems and determine appropriate segmentation and isolation strategies.
  2. Implement network segmentation using firewalls, VLANs or other security technologies.
  3. Restrict access to isolated systems using access control lists or other authentication mechanisms.
  4. Regularly review and update segmentation and isolation architecture to ensure ongoing protection.

9. Conduct regular security audits and assessments

Performing regular security audits and assessments helps organisations identify potential vulnerabilities and areas for improvement in the infrastructure layer. Security audits and assessments involve reviewing the security posture of the infrastructure layer, identifying potential vulnerabilities and evaluating the effectiveness of existing security measures.

Security benefits: Regularly conducting security audits and assessments helps organisations stay aware of their infrastructure's security status, allowing them to proactively address potential vulnerabilities and improve overall security.

Actionable steps:

  1. Establish a schedule for regular security audits and assessments.
  2. Use internal or external teams to conduct audits and assessments, depending on organisational resources and expertise.
  3. Review and prioritise identified vulnerabilities and develop a plan for addressing them.
  4. Track progress and document results to ensure ongoing improvement in infrastructure security.

10. Foster a security-oriented culture

Promoting a security-oriented culture helps ensure that all team members prioritise security when working with the infrastructure layer. A security-oriented culture involves fostering awareness, training and communication about security best practices and expectations among team members working with the infrastructure layer.

Security benefits: By promoting a security-oriented culture, organisations can ensure that team members consistently follow best practices, identify and report potential security issues, and contribute to maintaining a secure infrastructure.

Actionable steps:

  1. Provide regular security training for all team members working with the infrastructure layer.
  2. Establish clear security expectations and guidelines for all team members.
  3. Encourage open communication and reporting of potential security issues.
  4. Recognise and reward team members for their contributions to maintaining infrastructure security.

With these best practices and recommendations, organisations can significantly enhance the security of their Drupal infrastructure layer, protecting against various threats and vulnerabilities. By implementing these measures, organisations can better ensure the stability, availability and security of their Drupal applications.

Benefits and outcomes

There are many benefits of using defense in depth strategies to secure Drupal at the infrastructure layer. These include:

  1. Enhanced security
  2. Improved compliance
  3. Greater system stability and availability
  4. Increased customer trust
  5. Reduced costs
  6. Scalable security solutions

1. Enhanced security

Implementing the best practices and recommendations outlined in this whitepaper helps organisations significantly improve the security of their Drupal infrastructure layer. As a result, organisations can effectively mitigate potential threats and reduce the likelihood of successful attacks on their systems.

2. Improved compliance

Many industries have regulatory requirements related to data protection and security. By following the best practices outlined in this whitepaper, organisations can more easily achieve and maintain compliance with these requirements, minimising the risk of costly fines and reputational damage.

3. Greater system stability and availability

A secure infrastructure layer promotes stability and availability of Drupal applications. By taking a proactive approach to infrastructure security, organisations can reduce the likelihood of system downtime and related negative consequences, such as lost productivity or revenue.

4. Increased customer trust

Customers and users of Drupal applications expect their data and interactions to be secure. By implementing the security best practices and recommendations detailed in this whitepaper, organisations can demonstrate their commitment to security, earning the trust and confidence of their customers and users.

5. Reduced costs

Addressing security vulnerabilities and threats proactively can significantly reduce the costs associated with security breaches, such as data recovery, legal liabilities and reputational damage. By following the best practices in this whitepaper, organisations can minimise the potential financial impacts of security incidents.

6. Scalable security solutions

The best practices and recommendations in this whitepaper provide a foundation for building scalable security solutions. As organisations grow and evolve, these measures can be adapted and expanded to ensure continued protection of the infrastructure layer.

Implementing the best practices and recommendations discussed in this whitepaper provides organisations with numerous benefits and outcomes. By focusing on infrastructure security, organisations can better protect their Drupal applications and contribute to the overall security of their digital presence.

Conclusion

The security of the infrastructure layer is a critical aspect of an organisation's overall security posture. Ensuring that the foundation of your Drupal application is secure helps to protect against a wide range of threats and vulnerabilities, ultimately safeguarding the integrity, availability and confidentiality of your systems and data.

Implementing the best practices and recommendations outlined in this whitepaper provides organisations with a comprehensive approach to infrastructure security. By following these best practices and recommendations, organisations can address and mitigate many of the risks and challenges associated with securing their Drupal infrastructure layer.

Infrastructure security is not a one-time effort but rather, an ongoing commitment. Regular monitoring, maintenance and updates are necessary to ensure that the infrastructure remains secure as the threat landscape evolves. By fostering a security-oriented culture and staying informed about the latest developments in infrastructure security, organisations can better protect their Drupal applications and maintain a strong security posture.

Investing time and resources into securing the infrastructure layer of your Drupal application is crucial to the overall security of your organisation. By following the best practices and recommendations outlined in this whitepaper, you can establish a solid foundation for your Drupal applications and confidently mitigate potential risks and vulnerabilities.

National Institute of Standards and Technology (NIST) Cybersecurity Framework and the infrastructure layer

NIST is a US-based agency that provides critical measurement solutions to promote equitable standards such as the NIST Cybersecurity FrameworkExternal Link (NIST CSF). NIST CSF is recognised globally as one of the leading standards for organisational cybersecurity management.

The NIST CSF can be applied to infrastructure to enhance cybersecurity resilience and protect against cyber threats. Infrastructure in this context refers to the physical and virtual systems, facilities, and assets that are essential for the functioning of a service or an entire organisation. Here are some of the NIST CSF activities that can apply to this layer:

Identify:

  1. Asset inventory: Create a comprehensive inventory of key infrastructure assets, including physical assets (e.g. hardware devices, physical premises) and digital assets (e.g. security control systems, operating systems, applications).
  2. Risk assessment: Identify and assess cybersecurity risks associated with these assets, considering potential vulnerabilities and threats.

Protect:

  1. Access control: Implement strict access controls to limit unauthorised access to infrastructure including authentication and authorisation mechanisms.
  2. Data protection: Apply encryption and data security measures to protect sensitive information, especially when transmitting data across infrastructure and networks.
  3. Physical security: Secure physical infrastructure components to prevent unauthorised access, tampering or damage.

Detect:

  1. Intrusion detection: Deploy intrusion detection systems (IDS) or intrusion protection systems (IPS) to detect and block unusual or malicious activities within the infrastructure environment.
  2. Anomaly detection: Implement anomaly detection techniques to identify deviations from normal behaviour in infrastructure systems, which may indicate a security incident.

Respond:

  1. Incident response plan: Develop and regularly test an incident response plan specific to infrastructure.
  2. Communication: Establish communication protocols for notifying relevant stakeholders (e.g. government agencies, emergency services, employees, suppliers) in the event of a cyber incident affecting critical infrastructure.

Recover:

  1. Backup and recovery: Implement robust backup and recovery procedures to ensure the rapid restoration of critical infrastructure systems in case of disruption or cyberattacks.
  2. Continuity planning: Develop continuity plans that address both cyber and physical disruptions to ensure infrastructure services can be maintained or quickly restored.

More about NIST

Resources and further reading