BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

December, 2010

microsoft

Microsoft WMI Administrative Tools ActiveX Remote Code Execution

Disclosed December 22, 2010    Partially Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact:
Exploit Availability:
PBIS-resized-600

Network Devices Need Least Privilege Too

Posted December 21, 2010    Peter McCalister

Any security infrastructure at an organization is only effective as its weakest link. All too often, the weakest link in today’s enterprise networks are the non-production servers and network devices not deemed mission critical. Eliminating shared passwords and logging activities down to the keystroke level on SSH-based network devices is a critical success factor for eliminating that security “weakest link”.

swiss cheese

The Swiss Cheese Model

Posted December 20, 2010    Peter McCalister

We’ve heard a lot of stories from administrators on how they tried implementing a least privileged model without a solution like PowerBroker Desktops.

hands

3 Steps to Good Governance with Privilege Identity Management

Posted December 17, 2010    Peter McCalister

“keep on trying until you are successful” is so much easier to read then this last offering for t-shirt slogan week. And very apropros to the theme of corporate governance. I also want to thank ThinkGeek.com for the inspiration for this week’s blog themes.

sticky

The Value of a Dashboard

Posted December 16, 2010    Morey Haber

I have been intrigued by the number of different paradigms used to make up an enterprise solution management console dashboard. Some are more tabular in nature like a SIM and others graphical with little text and fully animated with icons and avatars. When I first started working with enterprise solutions in the mid 1990’s, I…

Tags:
, , , ,
Guy PC

WikiLeaks and WikiWar and More Misuses of Privilege

Posted December 16, 2010    Peter McCalister

So I can’t resist one more post on this WikiLeak phenomena that still seems to be blazing through the blogosphere and mainstream media. I’ve seen it described as everything from aWiki-War to Wiki-Gaga, and yet most writers are still forgoing that if you give someone permission to do something, they will inevitably do it. In this case, I am referring to the information technology (IT) privileges granted to individuals and associated technologies to monitor and control what these people are doing. Or the lack thereof.

sweep-under-rug

Reducing Help Desk Costs Is a Least Privilege Benefit

Posted December 15, 2010    Peter McCalister

The problem exists between the keyboard and the chair (PEBKAC). This is the recurring mantra of most help desk technicians and a leading cause of budget dollars bleeding out of most organizations. Why, you may ask? The answer is simple:

patch-tuesday

Microsoft Patch Tuesday – December 2010

Posted December 15, 2010    Chris Silva

To make up for a relaxing November, Microsoft unleashed 17 security bulletins today. That puts their 2010 total at 106 bulletins (unless they release an emergency out of band patch before the end of the year). This is a record for Microsoft – their previous high was 100 bulletins way back in 2000. It is…

microsoft

Microsoft Windows Graphics Rendering Engine Buffer Overflow

Disclosed December 15, 2010    Fully Patched
Vendors: Microsoft
Vulnerability Severity: High
Exploit Impact:
Exploit Availability:
yinyang

Sudo May Be For Sandwiches But Not Your Enterprise

Posted December 14, 2010    Peter McCalister

Sudo has been one of the Unix/Linux administrator and self-designated geek’s best friend for the last two decades, but it probably isn’t right for your enterprise. For one thing, it’s open source software, which means no one company can be held accountable for bug fixes, enhancements or any liability resulting from flaws in design. Being a software guy, I naturally lean towards licensed code and have even written on the subject of licensed code versus freeware. So it begs the question, “What can I use sudo for safely?” I just love the t-shirts atThinkGeek.com because they told me what sudo is actually good for… ordering sandwiches!