BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

APT Vehicle of Choice: The Accidental Insider

Posted March 5, 2012    Peter McCalister

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on the wrong link.Dr. Eric Cole, Cyber Security Expert

One of most talked about topics at the recent RSA Conference in San Francisco was Advanced Persistent Threats (APT). While APT is the latest hot topic involving security, one aspect that has received little visibility is its relationship to privileged identity management.

Any weakness in your infrastructure that allows an attacker to access a system will give him or her opportunity to find another weakness and eventually get the keys to the kingdom – privileged access to a critical server or database with sensitive information.

Look no further than the RSA security breach that occurred early last year. Hackers gained network access through the HR department by sending bogus emails to RSA employees with the subject, “2011 Recruiting Plan.” Because RSA failed to implement a least privilege solution, accidental insiders at the company helped hackers hijack credentials to steal sensitive information.

Accidental insiders are unfortunately commonplace throughout many organizations. Why? Because human nature dictates that we will make mistakes. What’s needed is a comprehensive program to protect privileged access. The tradeoffs everyone has historically made to allow some level of risk no longer apply. Even something as simple as the accidental misconfiguration of a desktop PC can be the weakness a sophisticated attacker uses to gain the access they need to the privileged credentials of a systems or database admin.

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,