Archive for November, 2011
Least Privilege Windows Architecturally Speaking
We’ve talked about least privilege throughout thisblog over the past two years at length, but why should a desktop user care? Ultimately, a user needs admin rights on the desktop to
M&M Security Bound To Be Eaten Without Least Privilege
No, I’m not talking about the Mars candy, funny characters pervasive on your TV, or even the legendary brown ones from a Van Halen concert rider.
Don’t Be The IAM Turkey This Thanksgiving
Most of the United States and Canada are preparing for the anual food fest known as Thanksgiving tomorrow to celebrate the bountiful harvest season. Or is it just an excuse for a work holiday in November? Either way, you can be sure that the potential for IT security breaches increase as vigilance wains for the holiday season.
The Insider Threat Epidemic
Insider threats, particularly unauthorized access by current and former employees, are still a growing concern for IT managers and network administrators, according to InformationWeek’s Insider Threat Reality Report. In the report, several internal issues were cited for network intrusions, including: lack of adequate security policies (17 percent); employee negligence (12 percent); unauthorized access by current…
Big Data? Is There Any Bigger Data Than Your Security Data?
The idea of “big data” has technology vendors and customers alike scrambling to come up with ways to manage the limitless amounts of data being generated by apps, API’s, databases, web services, etc. For organizations with aggressive security and compliance requirements, the security data driving today’s modern threat and risk intelligence (assessments, compliance reports, attack…
You Will Know It When You See It
One of most talked about topics at the just completed Gartner Identity and Access Management Summit in San Diego was advanced persistent threats. While it may be hard to define, and I will leave that to the experts at Gartner, based on the level of discussion at the event and all the available data this is a topic you will get to know in the near future.
![austinlogo[1]](http://blog.beyondtrust.com/wp-content/uploads/2011/11/austinlogo1-141x77.gif)
Austin Powder uses PowerBroker to Implement Least Privilege
Austin Powder, a manufacturing firm based in Ohio, faced an interesting challenge of taking their company to a least privilege model. They also needed to reduce malware threats within the organization. At the start of the project, the company knew little about the least privilege model. They began to develop an in-house solution, a wrapped…
In The Cloud You Don’t Want To Be Sudo Wrestling!
In a recent discussion with several customers we asked a questions, “How many of you are deploying clouds?”, everyone raised their hand. Then we asked similar questions about public and private clouds. Everyone still raised their hand. Many companies are implementing new infrastructure that includes both private and public cloud. This is often referred to…
Born To Run…and Can Your Cloud Escape Injury?
There’s a lot of hype in the running community over the 2009 book by Christopher McDougal, “Born To Run.” It has inspired a host of people–experienced runners and average Joes–to switch to barefoot running, where people where either nothing on their feet at all or some sort of minimalist shoe. The most headturning of these minimalist shoes have to be the Vibram Five Fingers shoes. You’ve seen them–they look like gloves for feet.
On False Senses of Security
Customer conversations are the best part of my job. I really enjoy talking with users and buyers of security technology, especially in today’s hyperactive threat and attack climate. Most often these conversations are with customers proactively planning updates to their security strategy, or with prospects that have matured to a level where their tools need to be upgraded to enterprise solutions. However, there is small percentage of organizations we speak with who have come to eEye as a result of breach or a failed audit. One of *those* conversations was the impetus for this post.
