BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Don’t Leave Mobile Devices Unchecked in the Enterprise

Posted May 21, 2012    Peter McCalister

In recent months, there has been a lot of publicity around BYOD (Bring Your Own Device). Respectfully, this forward thinking personalizes work culture for employees as well as provides cost savings by scratching mobile device purchases off the list of company spending. Since BYOD provides the opportunity for individuals to act as their own administrators in a sense, mobile security vulnerabilities pose an ever increasing challenge for many companies securing their sensitive data.

Leaving mobile security out of integrated security strategies opens your network to breaches, and with more people conducting work related projects on their mobile devices, the gap widens for malicious attackers to slip through and compromise information. In a May 2012 survey by Informationweek focusing on BYOD, 86 percent of respondents permit use of personally owned devices at work now, with 80 percent of mobile devices requiring only passwords for mobile devices that access enterprise data/networks. Even scarier, just 14 percent require hardware encryption, which leaves a large opening for vulnerability exploitation.

The threats to mobile phones and tablets have been around for a long time. As mobile technology skyrockets to the point that cell phones are now hand held computers, threats to PCs, smartphones and tablets are one in the same. There are initiatives striving to bring the same security measures for PCs and servers to mobile devices, while still allowing workers to personalize their work efforts. Staying ahead of the curve is key. Marc Maiffret, founder of eEye and now CTO of BeyondTrust believes, “desktops and servers are still much bigger targets, which means there’s still time to figure out the mobile security questions.”

Leave a Reply

Additional articles

dave-shackleford-headshot

Tales from the Datacenter: Vulnerability Management Nightmares

Posted May 27, 2015    Dave Shackleford

Vulnerability scanning, threat management, risk analysis, patching, and configuration management are some of the major activities usually associated with vulnerability management, and none of these are new…so why are we failing so badly at many of them?

Tags:
, ,
Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,