BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Cutting Pay? Think Least Privilege First

Posted February 4, 2011    Peter McCalister

There was a big story in Network World about an IT staffer who sold his own company pirated software, used corporate servers for his own purposes and even downloaded credit card information.

In the comments you see how the story plays out. It’s not an isolated incident created by a psycho criminal IT staffer – it’s the kind of thing that someone convinces themselves is okay after years of wrestling with outsourcing, feeling underpaid and under appreciated and built-up anger towards the company.

The case with Goldman should show how money is a matter of perspective. One of their top-paid developers appear to have stolen code in an effort to sell it to a startup competitor. Paying more won’t make a theft less likely, but – as we saw in the recession – layoffs and cuts can certainly create a risk.

So this is the context in which I view a major story today in the Wall Street Journal, which was also widely reported elsewhere. Goldman is often criticized for overpaying their staff, especially highly paid executives. Now that they’re starting to trim those bonuses, will employees have the perspective to realize they were overpaid in the first place? Or find “alternative means” to secure cash flow or seek vengeance against the company they believe has wronged them.

Before cutting salaries or cutting staff, security needs to be a core component of planning (especially implementing a least privilege environment) for that and I’m sure Goldman did just as much.

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,