BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Configuration Mistakes Make for Costly Security Gaps

Posted May 25, 2012    Daniel Jacobowitz

Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration.  More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization.

From Brian’s article, I agree with the obvious point that, “…practically by definition, [configuration errors] happen because of poor configuration management…”. Despite the glaringly conspicuous causality concerning configuration complications, the problem is no doubt a large one. Configuration gaffes lead to data breaches time and time again, allowing nefarious ne-er dowells to waltz into your database and grab your customer, patient, employee, etc., data.  It’s the best example of “an ounce of prevention is worth a pound of cure” in IT security.

This article highlights the reason why we invested the time and resources to develop the In Configuration We Trust toolset, which includes a free scanner and original research into the topic.  You can access the toolset here; give it a try, the data on your machine will thank you.

You can find Brian’s article – Configuration Mistakes Make for Costly Security Gaps, here.

Tags:
, , ,

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,