BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Don’t Leave Mobile Devices Unchecked in the Enterprise

Posted May 21, 2012    Peter McCalister

In recent months, there has been a lot of publicity around BYOD (Bring Your Own Device). Respectfully, this forward thinking personalizes work culture for employees as well as provides cost savings by scratching mobile device purchases off the list of company spending. Since BYOD provides the opportunity for individuals to act as their own administrators in a sense, mobile security vulnerabilities pose an ever increasing challenge for many companies securing their sensitive data.

Leaving mobile security out of integrated security strategies opens your network to breaches, and with more people conducting work related projects on their mobile devices, the gap widens for malicious attackers to slip through and compromise information. In a May 2012 survey by Informationweek focusing on BYOD, 86 percent of respondents permit use of personally owned devices at work now, with 80 percent of mobile devices requiring only passwords for mobile devices that access enterprise data/networks. Even scarier, just 14 percent require hardware encryption, which leaves a large opening for vulnerability exploitation.

The threats to mobile phones and tablets have been around for a long time. As mobile technology skyrockets to the point that cell phones are now hand held computers, threats to PCs, smartphones and tablets are one in the same. There are initiatives striving to bring the same security measures for PCs and servers to mobile devices, while still allowing workers to personalize their work efforts. Staying ahead of the curve is key. Marc Maiffret, founder of eEye and now CTO of BeyondTrust believes, “desktops and servers are still much bigger targets, which means there’s still time to figure out the mobile security questions.”

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,