BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Confessions of a Paranoid IT Director

Posted April 6, 2011    Peter McCalister

Hi, my name is Betty, I’m an IT Director at a large utility company and it’s been 1 week since my VP of Software Development complained that security was locked down too tight to get anything done. (All together now) HI BETTY!

I know this is a support group for IT Directors suffering from governance, risk and compliance issues, but candidly I don’t acknowledge that I, or my organization, has a problem.  I’ve locked down every network, server, desktop, cloud and virtual environment so tightly that it takes a call to the help desk anytime someone needs admin rights to do anything.  Sure, our help desk costs skyrocketed, but this way I have complete control over who does what to our IT systems and can guarantee security to my boss.

The other problem that I have to ignore frequently is the VP of the Software Development organization who is constant complaining that his team can’t get anything done and will be missing their deadlines because of my security policies.  He is now threatening to break into our data center and reprogram all security policies one night, so I am evaluating new physical security measures as well.

I recently saw an ad for Guido the Gorilla who is trained to protect IT assets the old fashioned way…with intimidation and brute force.  Do you think he will be worth the investment or not worth his weight in bananas?

Leave a Reply

Additional articles

veritas-logo

BeyondTrust to be acquired by Veritas Capital

Posted September 2, 2014    Mike Yaffe

We’re pleased to announce that Veritas Capital plans to acquire BeyondTrust. This is positive news for everyone associated with BeyondTrust, as it will spur significant investments in our Privileged Account Management and Vulnerability Management solutions. Rest assured that the BeyondTrust management team will remain intact, and there will be no changes to the company name,…

Tags:
, ,
PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,