BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

In Denial Over Insider Threats?

Post by Peter McCalister September 19, 2011

Ever felt like if you could just ignore something, it would go away, disappear, self-correct? Guess what? The good news is you’re not alone. The bad news is that the company you’re keeping happens to be the majority of IT security professionals responsible for protecting corporate information assets.

An article published by Business News Daily published September 8, 2011 had the headline “Business In Denial When It Comes To IT Security Breaches” and goes on to report “Findings from a Tenable Network Security study show that more than 90 percent of IT security professionals surveyed discussed large-scale, high-profile breaches such as those at RSA, Citigroup and Sony with senior management — but only 23 percent did anything beyond that.”

The article also stated that “despite the large number of internal issues, those surveyed ranked preventing insider threats as the second-lowest information security priority for the next six to eight months, with mobile device security being the top priority.” and that “IT security professionals themselves also are to blame for the security breaches, according to the study. One in three security professionals admitted they had violated internal security policies they created in order to complete a work-related task more quickly or easily.”

This is why we are constantly pushing to implement least privilege solutions: because good people can do bad things intentionally, accidentally and indirectly.

Leave a Reply

Additional articles

BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,

PowerBroker for Unix & Linux Now Available via Web Services

This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product.  With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API.  The Web Services interface implemented by BeyondTrust is an industry standard that…

Post by Paul Harper April 10, 2014
Tags:
, , , , ,

Heartbleed – When OpenSSL Breaks Your Heart

You’ve likely heard about the recent OpenSSL vulnerability, CVE-2014-0160, dubbed Heartbleed. The main takeaway of this vulnerability is that attackers can use this to obtain things like secret keys used for X.509 certificates, user names and passwords, instant messages, emails, and other highly sensitive information. For a technical analysis of the bug, check out this…

Post by BeyondTrust Research Team April 8, 2014
Tags:
, , ,