BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

APT Vehicle of Choice: The Accidental Insider

Posted March 5, 2012    Peter McCalister

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on the wrong link.Dr. Eric Cole, Cyber Security Expert

One of most talked about topics at the recent RSA Conference in San Francisco was Advanced Persistent Threats (APT). While APT is the latest hot topic involving security, one aspect that has received little visibility is its relationship to privileged identity management.

Any weakness in your infrastructure that allows an attacker to access a system will give him or her opportunity to find another weakness and eventually get the keys to the kingdom – privileged access to a critical server or database with sensitive information.

Look no further than the RSA security breach that occurred early last year. Hackers gained network access through the HR department by sending bogus emails to RSA employees with the subject, “2011 Recruiting Plan.” Because RSA failed to implement a least privilege solution, accidental insiders at the company helped hackers hijack credentials to steal sensitive information.

Accidental insiders are unfortunately commonplace throughout many organizations. Why? Because human nature dictates that we will make mistakes. What’s needed is a comprehensive program to protect privileged access. The tradeoffs everyone has historically made to allow some level of risk no longer apply. Even something as simple as the accidental misconfiguration of a desktop PC can be the weakness a sophisticated attacker uses to gain the access they need to the privileged credentials of a systems or database admin.

Leave a Reply

Additional articles

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Posted July 24, 2014    Morey Haber

There is a reason all BeyondTrust Privileged Account Management (PAM) solutions share the PowerBroker name: They all inherently enable you to reduce user-based risk and can be integrated under a centralized IT risk management platform. Here’s one common use case that demonstrates how this integration changes the playing field. Consider the challenge of privileged access:…

Tags:
, , , , ,
PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,
PowerBroker for Windows tamper protection

PowerBroker for Windows 6.6 Tamper Protection

Posted July 18, 2014    Morey Haber

I have a bone to pick: Stopping an administrator from performing an action on a system is futile endeavor. As an administrator, there is always a way to circumvent a solution’s from tampered protection. Really! By default, Windows administrators have unrestricted access to the system – and even though an application, hardened configuration, or group policy…

Tags:
, ,