Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Archive for March, 2012


Microsoft Patch Tuesday – March 2012

March – the month that brings us spring training, NCAA March Madness, Pi Day, and St. Patrick’s Day (including the requisite Shamrock Shake). To go along with these exciting events, Microsoft has chipped in with six security bulletins for the March edition of Patch Tuesday.

Post by Chris Silva March 13, 2012

Do You Know Where Your Linux/UNIX Users Are?

Or even who they are? Sure you do, you say. You have someone responsible for managing Linux and UNIX user accounts. She manages the user store, grants user access to specific Linux/UNIX servers, and assigns specific privileges to users on those servers. When someone leaves the company, she makes sure the specific user accounts are…

Post by Peter McCalister March 13, 2012

Insider Threats Can Start from the Outside, Too

The term insider threats used to spark images of malicious employees stealing copies of filesor looking at information they weren’t supposed to, but in today’s complex world of technology, insider threats have evolved. According to a preliminary version of the Verizon 2012 Data Breach Investigations Report, 92 percent of attacks analyzed were external in origin,…

Post by Peter McCalister March 12, 2012

Granular Control is Gold

If you haven’t noticed, there are some things in our enterprises that we just can’t afford to leave generic. Certain things need to be fine-tuned and customized in ensure the success (and security) of each individual company. One of these is the level of privilege each user has. You need to be able to define…

Post by Peter McCalister March 9, 2012
Break in

Helping Executives Understand Least Privilege

I think it’s a given that each organization is different. With unique personalities and diverse corporate cultures, every enterprise is faced with a different set of challenges. Especially when it comes to IT priorities – every business places different importance and priorities in different places. Security is one of the areas, however, that every company…

Post by Peter McCalister March 6, 2012

APT Vehicle of Choice: The Accidental Insider

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on…

Post by Peter McCalister March 5, 2012

Embrace your cloud with confidence and control!

Security concerns continue to be top impediments to cloud adoption but business demands are pushing IT cloud initiatives forward. IT must meet business demands while keeping systems and data safe as they embrace cloud solutions. At the RSA conference this week in San Francisco, cloud computing is top of mind. Much of the focus is…

Post by Peter McCalister March 2, 2012

Don’t believe everything you hear when it comes to security

Our good friend Ellen Messmer, recently published Network World article “13 security myths you’ll hear — but should you believe?”  , which listed common security myths shared and commented on by some of security’s leading experts and practitioners. Working at a security company, I work (and also sit) closely with a stellar team of researchers….

Post by Sarah Lieber March 1, 2012
, , , ,
The New York Times Co. Post An 82 Percent Decline In 2nd Quarter Profi

The Front Page of the New York Times

Another day, another security breach. From the government, to banks, to healthcare, to major retailers, to beloved consumer brands, the only thing that seems safe to say is that no one is immune to the threats of today’s Internet-connected world. With strict breach notification legislation and regulations and the tenacity of today’s media, information security…

Post by Peter McCalister March 1, 2012