BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Lessons Learned from Privileged Identity Management Mistakes

Posted May 2, 2011    Peter McCalister

It never ceases to amaze me how predictable we are as human beings. Whether it’s continuing to repeat our own mistakes or thinking the consequences of others’ actions would never apply to us, it seems we’re far too eager to turn a blind eye to reality. Reality, however, has a funny way of coming back to haunt us.

Take, for example, the misuse of privilege. As security breaches become more and more prevalent, there are still companies that have not yet eliminated the risk of internal vulnerabilities. If employees have free reign over what they can access, a security breach stops becoming a question of if and becomes a question of when. That question, unfortunately, was answered for Gucci this past November.

Sam Chihlung Yin, after being fired as an IT network engineer for the company, used a fake network token he had created to gain unregulated access to the Gucci network. While using this token, he shut down virtual servers and storage, deleted a number of corporate inboxes, and duplicated sensitive materials from the database.

There are several lessons we can take away from Gucci’s experience. The first and foremost is to have an identity management solution in place within your enterprise. Allowing any employee unfettered access to all company assets is both unnecessary and dangerous. The second is to regularly monitor privileges as work roles, new employees, and new data emerge and change. Take the steps now to learn from the past, and prevent any insiders from misusing their privileges on any level.

Tags:
, ,

Leave a Reply

Additional articles

PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,
PowerBroker for Windows tamper protection

PowerBroker for Windows 6.6 Tamper Protection

Posted July 18, 2014    Morey Haber

I have a bone to pick: Stopping an administrator from performing an action on a system is futile endeavor. As an administrator, there is always a way to circumvent a solution’s from tampered protection. Really! By default, Windows administrators have unrestricted access to the system – and even though an application, hardened configuration, or group policy…

Tags:
, ,
PowerBroker for Windows can be configured to automatically identify the end user’s language preference

Implementing Least Privilege Around the World with PowerBroker for Windows

Posted July 17, 2014    Morey Haber

BeyondTrust recognizes that international, multilingual businesses have unique operating challenges, especially when it comes to implementing enterprise software. PowerBroker for Windows is a least-privilege solution often deployed across thousands of systems spanning multiple geographies and protecting users of diverse backgrounds. Earlier this year, PowerBroker for Windows introduces new data privacy features for EMEA and APAC,…

Tags:
, ,