Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

APT Vehicle of Choice: The Accidental Insider

Posted March 5, 2012    Peter McCalister

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on the wrong link.Dr. Eric Cole, Cyber Security Expert

One of most talked about topics at the recent RSA Conference in San Francisco was Advanced Persistent Threats (APT). While APT is the latest hot topic involving security, one aspect that has received little visibility is its relationship to privileged identity management.

Any weakness in your infrastructure that allows an attacker to access a system will give him or her opportunity to find another weakness and eventually get the keys to the kingdom – privileged access to a critical server or database with sensitive information.

Look no further than the RSA security breach that occurred early last year. Hackers gained network access through the HR department by sending bogus emails to RSA employees with the subject, “2011 Recruiting Plan.” Because RSA failed to implement a least privilege solution, accidental insiders at the company helped hackers hijack credentials to steal sensitive information.

Accidental insiders are unfortunately commonplace throughout many organizations. Why? Because human nature dictates that we will make mistakes. What’s needed is a comprehensive program to protect privileged access. The tradeoffs everyone has historically made to allow some level of risk no longer apply. Even something as simple as the accidental misconfiguration of a desktop PC can be the weakness a sophisticated attacker uses to gain the access they need to the privileged credentials of a systems or database admin.

Leave a Reply

Additional articles


October 2015 Patch Tuesday

Posted October 13, 2015    BeyondTrust Research Team

This month’s Patch Tuesday is on the lighter side, offering up six bulletins and 33 vulnerabilities in total. The critical bulletins to watch out for involve IE, JScript/VBScript, and Windows Shell.


Retina CS Vulnerability Management Solution Gets Primetime Award for Innovation

Posted October 12, 2015    Sandi Green

Analyst firm Frost & Sullivan presented BeyondTrust with the 2015 award for ‘Best Practices in Enabling Technology Leadership in the Vulnerability Management Industry.

, ,

Answering the age-old question, ‘What’s plugged into my network?’

Posted October 9, 2015    Alejandro DaCosta

“What’s plugged into my network?” is a question I hear frequently from security administrators. And, really, it’s no surprise why. No longer do we have to account just for the physical servers in our datacenters, workstations and a few network devices. Now we need to keep track of roaming laptops, dynamic virtual systems, off-site cloud deployments and BYOD.