BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Least Privilege is the Cure for Enterprise Injury

Posted May 5, 2011    Peter McCalister

Have you ever really hurt yourself? Maybe broken a bone or torn a ligament? If your answer is yes, you’ll understand (all too well) when I say these injuries can hurt, cost a TON of money to fix, and sometimes happen in really embarrassing ways. Not surprisingly, bodily injuries aren’t the only wounds that can cause those consequences. Enterprise injury, specifically those caused by the misuse of privilege, can also be quite damaging in the exact same ways.

Enterprise injuries can hurt! Whether it’s someone accidentally downloading malware while running as an administrator to an employee with malicious intentions to depart with precious company information, pain can disrupt the fragile balance within your environment.

The misuse of privileges can cause an enterprise injury that costs a TON of money to fix!Physical injuries require treatment, sometimes extensive in nature, in order to heal properly. Your company is the exact same. Audits, investigations, and even loss of employment are all IT “surgeries” that are necessary to treat the damage caused by this type of wound.

Enterprise injuries can happen in embarrassing ways! Sometimes it’s a begrudged former employee. Other times it’s an indirect breach. Any time an individual can hack your security measure and access sensitive information, it becomes an embarrassment.

So what can be done to prevent such an injury to your company? It’s actually quite simple. Just like we can avoid injury to our physical bodies, steps can be taken to avoid damage to our enterprises, too. Instead of vitamins, exercise, and proper diet, however, your company needs a healthy dose of least privilege. If you eliminate the misuse of privilege by delegating administrator rights, rest assure that your company will be free from enterprise injury.

Leave a Reply

Additional articles

Dark Reading

2014: The Year of Privilege Vulnerabilities

Posted December 18, 2014    Chris Burd

Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of “least privilege” could limit the impact of malware and raise the bar of difficulty for attackers.

Tags:
, , , , ,
dave-shackleford-headshot

Looking back on information security in 2014

Posted December 16, 2014    Dave Shackleford

Dave Shackleford is a SANS Instructor and founder of Voodoo Security. Join Dave for a closer look at the year in security, and learn what you can do to prepare for 2015, with this upcoming webinar. 2014 has been one heck of an insane year for information security professionals. To start with, we’ve been forced…

Tags:
, ,
patch-tuesday

December 2014 Patch Tuesday

Posted December 9, 2014    BeyondTrust Research Team

This month marks the final Patch Tuesday of 2014. Most of what is being patched this month includes Internet Explorer, Exchange, Office, etc… and continues a trend of the greatest hits collection of commonly attacked Microsoft software. Probably the one thing that broke the mold this month is that for once there is not some…

Tags:
,