Archive for April, 2011
Marc and I have been having a little fun lately with third-party integrations. We support a wide variety of tools from Network Management Systems, Call Centers, Security Information Managers, and all the way through Network Access Control, and Governance Risk and Compliance solutions. We have been exploring other tools that can gain value from our…
The increasingly popular bring your own computer to work model seems like a good deal for everyone. You get to carry one device that fits you best and IT saves a lot of work buying and provisioning hardware. But the highly publicized problems with Droid Dream malware highlighted the vulnerability of the Android platform and raises some fundamental questions about who controls employee owned devices that may contain or have access to sensitive company data.
Now that we’ve exhausted securing the network and IT resources from outsiders, it’s time to look at a different perimeter and ensure that insider threats don’t pose a problem for today’s enterprise.
DCI, a developer of core bank processing software, is a privately owned company founded in 1963. The corporation delivers technology solutions that allow banks to prosper and thrive. Because of the nature of the company and the services it provides, heavy IT support is necessary for the deletion, migratino, and back-up of large amounts of sensitive data.
USER: “What’s that you say? You’re going to lock down my computer and make me a standard user? But I’ve always had admin rights! I NEED them to do my job effectively!” ADMIN: “…but do you really?”
Tying the record for the most security bulletins issued at one time, Microsoft released 17 bulletins addressing 64 vulnerabilities this week in Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework and the Graphics Device Interface (GDI+).
Well, Microsoft is nothing if not predictable these days. After a nice, light March, they dropped a ton of security bulletins this month – 17 to be exact. That ties their record set just a few months ago (back in December 2010), and gives them a total of 34 so far this year. Today’s release…
One of the fundamental problems with vulnerability assessment scanning technologies is targeting devices for assessment. Every vendor in the space uses lists of host names, address groups, or computers from an Active Directory OU to build a scan policy and target list. This technique, while incredibly valuable for initial assessment and discovery, wastes precious time accessing devices that may not even be relevant to an assessment based on operating system or even installed applications during future scans. Vulnerability Assessment vendors in general fail to consider the history of a target in performing new scans and allow their technology to become stale based on traditional targeting philosophies.
You may have already seen the results of a 1,000+ person survey conducted recently by McAfee and wrapped up in a crisp report. They estimate that businesses have lost more than $1 trillion in 2008 as a result of data leaks. With the help of SAIC and international research firm Vanson Bourrne, the company has added some meaty authority to what would otherwise be seen as a vendor-biased report.
Building an enterprise on least privilege is not just a concept that applies to Microsoft. While Microsoft does contribute to the security issues associated with letting all users run with administrator rights (or no rights at all), it is a situation every operating system is plagued with.