Configuration Drift: What is it and What are the Risks?

Anyone who develops an application, or takes part in that process, knows that it involves many procedures. An application, whatever its purpose, goes through constant change so that it works better and better, becomes more secure and keeps user data private. But what if those changes themselves lead to problems? In this article we look at the issue of configuration drift.

Every application changes over its life, and those changes are reflected in updates: improvements to the user interface, or changes to its infrastructure that allow better performance. Each of those changes is supposed to be planned, documented and applied the same way in every environment. Configuration drift is what happens when the real state of a system (its settings, packages, accounts and permissions) gradually diverges from that documented, intended state, usually through manual changes, hotfixes and ad hoc adjustments that nobody records. Some of those undocumented changes can even render the application useless. The result is that changes which were meant to improve the application end up degrading its overall performance, and nobody can explain why, because nobody knows what the system actually looks like any more.

Configuration drift

This does not mean that certain updates are deliberately applied in order to produce drift. Rather, a series of bad practices progressively lowers the quality of the application and, with it, its level of security.

Configuration drift and privilege escalation

A practical example is the typical application developer who needs frequent access to a server. In practice that access ends up being permanent, even for the smallest changes and reviews. Making any change to the application in production (the environment that actually serves the application to users) requires special administrator credentials. The developer does not like the idea of holding a separate set of credentials, because requesting and using them takes extra time and delays delivery of their changes.

In any case, the developer obtains the credentials needed for the production changes. They can even alter their own permissions through the user management interface, adding whatever they need until they effectively hold administrator rights. Apparently there is no problem, since those administrator permissions only apply to the server the developer needs to access. But nobody requested, approved or recorded this change: the server's permissions have now drifted from what the documentation says they are.

Remember that any procedure applied in production can go very well or very badly, and if it goes badly, users are the first to suffer. A typical symptom of a misapplied production change is that a person updates the application to its latest version and then can no longer log in to their account, or is shown a permanent error message. The developer in this example has no intention beyond getting their work done on time, since the schedule for the project is very tight.

But what if, instead of this person, the one involved is a cybercriminal or a malicious partner? Privilege escalation is one of the attacks that leaves lasting consequences on a network, a system and the infrastructure in general. The worst part is that it often goes unnoticed: the malicious user performs every action under the guise of legitimate administration, so the activity passes through security controls and is classified as benign. An environment that has already drifted makes this easier, because an unexpected administrator account or permission no longer stands out against a baseline that nobody maintains.

Even if the user escalating privileges has no intention of carrying out an attack, it can cause problems in other respects. If there is an audit and this kind of activity shows up in it, it will be very hard to justify. And if it turns out to violate compliance policies or regulations, both the partner and the organization may be in trouble.

Basic tips to avoid configuration drift

From the example above we can extract a couple of recommendations. The first is to document everything related to the development of the application or service. This is not limited to general procedure manuals or instructions: it must also cover every improvement and change made to the application, in the same way that one keeps a log of every login to a database or any other application.

That documentation must describe in detail every change made and the impact it has. It should also include the requirements that must be met before the update can be applied, among other data. Unfortunately, documentation is one of the areas that receives the least attention. It only starts to matter in the face of events such as audits or security incidents, and by then the gaps cannot be filled retroactively.

Focusing on security, administrator credentials must be monitored closely. One might assume that a user with administrator permissions will not use them for anything malicious. However, as discussed above, privilege escalation is an important ally of configuration drift: every permission granted outside the documented process is a change that nobody will reconcile later. Each administrator account and each permission change should be traceable to an approved change record, and anything that is not should be treated as drift and investigated.
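The two recommendations above (keep a record of every change, and check administrator permissions against that record) can be turned into a routine drift check. The following is an added example written for this article, not code from the original page or from any product it mentions: it compares a host's observed state with its documented baseline and looks up every difference in an approved change log, so that a documented change (a raised upload limit, an approved new administrator) is reported as expected while an unrecorded one (a developer who added himself to the admin group, debug mode switched on in production) is reported as drift. The baseline, the change IDs, the account names and the observed values are all constructed for illustration.

```python
"""Added example: reconcile a host's observed configuration against its
documented baseline plus the approved change log, and flag every difference
that no change record explains as configuration drift.

All data below is constructed for illustration; the accounts, settings and
change IDs are hypothetical and belong to no real system.
"""
from dataclasses import dataclass
from typing import Any, Optional

# Documented baseline: what the server is supposed to look like.
BASELINE = {
    "admins": {"alice", "ops-bot"},
    "settings": {"debug": "false", "max_upload_mb": "10"},
}

# Approved change records (constructed). 'from'/'to' describe a scalar value
# change; for a membership set, 'from' is None for an addition and 'to' is
# None for a removal.
APPROVED_CHANGES = [
    {"id": "CHG-101", "key": "settings.max_upload_mb", "from": "10", "to": "25"},
    {"id": "CHG-102", "key": "admins", "from": None, "to": "carol"},
]

# State observed on the host (constructed; in practice dumped from the
# user-management API and the application config). 'bob' added himself
# through the UI and someone enabled debug mode in production; neither
# has a change record.
OBSERVED = {
    "admins": {"alice", "ops-bot", "bob", "carol"},
    "settings": {"debug": "true", "max_upload_mb": "25"},
}


@dataclass(frozen=True)
class Finding:
    key: str                  # dotted path, e.g. "settings.debug"
    expected: Any             # baseline value, or the removed member for sets
    actual: Any               # observed value, or the added member for sets
    change_id: Optional[str]  # change record explaining the diff; None means drift

    @property
    def is_drift(self) -> bool:
        return self.change_id is None


def _flatten(state: dict, prefix: str = "") -> dict:
    """Turn nested dicts into dotted keys; set values are kept as sets."""
    flat = {}
    for key, value in state.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            flat.update(_flatten(value, f"{path}."))
        else:
            flat[path] = value
    return flat


def detect_drift(baseline: dict, observed: dict, approved: list) -> list:
    """Return one Finding per difference between baseline and observed state,
    in sorted key order, each annotated with the change record that covers
    it (or None when nothing does)."""
    base, obs = _flatten(baseline), _flatten(observed)
    # Index approved records so each difference is matched in one lookup.
    records = {(c["key"], c["from"], c["to"]): c["id"] for c in approved}
    findings = []
    for key in sorted(set(base) | set(obs)):
        expected, actual = base.get(key), obs.get(key)
        if isinstance(expected, (set, frozenset)) or isinstance(actual, (set, frozenset)):
            expected, actual = expected or set(), actual or set()
            for member in sorted(actual - expected):      # added members
                findings.append(Finding(key, None, member, records.get((key, None, member))))
            for member in sorted(expected - actual):      # removed members
                findings.append(Finding(key, member, None, records.get((key, member, None))))
        elif expected != actual:
            findings.append(Finding(key, expected, actual, records.get((key, expected, actual))))
    return findings


def run_sample() -> list:
    """Run the check against the constructed data above."""
    return detect_drift(BASELINE, OBSERVED, APPROVED_CHANGES)


if __name__ == "__main__":
    for f in run_sample():
        status = "DRIFT      " if f.is_drift else f"OK {f.change_id}"
        print(f"{status}  {f.key}: {f.expected!r} -> {f.actual!r}")
```

On the constructed data the check reports four differences: the new administrator "carol" and the raised upload limit are matched to CHG-102 and CHG-101 and reported as expected, while "bob" joining the admin group and debug being set to "true" have no record and are reported as drift. Run periodically with the baseline kept under version control, this is exactly the evidence an auditor would ask for: every permission on the host either maps to an approved change or is already an open finding.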