BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Privileged Account Management

Windows Server 2008 R2 Recycle Bin

Posted November 26, 2011    Morgan Holm

Microsoft has included recovery capabilities with every release Active Directory (AD) from Windows Server 2000 on. There is a saying that has been around in IT for a long time, “An administrator is only as good as their last backup”. This is because accidental deletions of a single user object to the removal of hundreds…

Tags:
, , , , , , , ,
austinlogo[1]

Austin Powder uses PowerBroker to Implement Least Privilege

Posted November 18, 2011    Peter McCalister

Austin Powder, a manufacturing firm based in Ohio, faced an interesting challenge of taking their company to a least privilege model. They also needed to reduce malware threats within the organization. At the start of the project, the company knew little about the least privilege model. They began to develop an in-house solution, a wrapped…

zero-gap1

On False Senses of Security

Posted November 16, 2011    Mike Puterbaugh

Customer conversations are the best part of my job. I really enjoy talking with users and buyers of security technology, especially in today’s hyperactive threat and attack climate. Most often these conversations are with customers proactively planning updates to their security strategy, or with prospects that have matured to a level where their tools need to be upgraded to enterprise solutions. However, there is small percentage of organizations we speak with who have come to eEye as a result of breach or a failed audit. One of *those* conversations was the impetus for this post.

Tags:
lucy2

In a Perfect World, Trust Is All You Need

Posted November 8, 2011    Peter McCalister

This week I had an interesting exchange with a full-time Linux administrator. What started out as a discussion about PowerBroker Servers Linux Edition, quickly became a heated debate about trust. After much back and forth, he said this: “At the end of the day, employers need to trust the employees. Relying on technological solutions to ‘keep honest people honest’ is putting the cart before the horse. If you can’t trust your employees, you shouldn’t have hired them.”

ico-pbmobile

Close Your Virtual App Security Gap

Posted November 3, 2011    Mike Puterbaugh

Virtual apps, and specifically those deployed by market leading VMware’s ThinApp technology, are becoming increasingly popular in the financial services and healthcare-related fields, as well as with government agencies.   Why?  The technology allows IT teams easily streamline application mobility and eliminate application conflicts on the desktop, which at the end of the day, means…

Tags:
,
villain trio

13 Data Breaches Preventable WIth Least Privilege

Posted November 2, 2011    Peter McCalister

Most companies fear the cost of data breaches more than anything, while others fear the embarassing negative publicity wich can have even great negative impact on their organization when misuse of privilege makes the national news.

Win 7 logo

AppLocker + Least Privilege = Magic

Posted October 24, 2011    Peter McCalister

Writing blogs at 2am sometimes, has me asking myself dumb questions like “should I use a mathematics or a magician’s metaphor to kick off todays blog?” Answering myself sometimes generates inspiration and sometimes just means the lazy way out, like today when I chose both.

president

President Obama Endorses Least Privilege

Posted October 17, 2011    Peter McCalister

We have showed that the insider threat is significant in this blog for the last 2 years and have even pointed out recently that it made the Wall St Journal among other well respected publications. But, when President Obama aims to stop WikiLeaks-style disclosures, then least privilege has really come of age.

terminator

Terminator V: Utilities Under Fire Without Least Privilege

Posted October 14, 2011    Peter McCalister

Remember the premise of Terminator and about another 100 or so Hollywood movies that have computers taking over the world? The first step in this conquest is always that we rely heavily on machines being connected to the worldwide web to make our life easier. This becomes problematic when said equipment is managing critical infrastructure like say electricity, water, communications, etc. Wait isn’t that what we’ve now done?

guy laptop

Protecting Yourself and Satisfying Auditors With Least Privilege

Posted October 13, 2011    Peter McCalister

Within the complex world of IT infrastructure exists a vitally important group of people: those charged with administering a company’s most critical assets and protecting its most sensitive data. They are known as privileged users, and by definition they possess a collection of access rights reserved only for those a company has entrusted with significant responsibility in safeguarding not just data, but also brand reputation, customer trust, and sustained revenue.