BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Looking For A Needle In A Haystack Without Least Privilege

Post by Peter McCalister December 7, 2011

Ever use the phrase that looking for something was like “finding a needle in a haystack”? If you’ve ever seen (or especially played in) a haystack then you understand the magnitude of that challenge. This also applies to IT security when trying to uncover who or what was able to access confidential information and either steal, damage or delete it altogether.

needle

As I talk to CIO’s around the world I am always perplexed why they lament the challenge of rooting out (excuse the pun) potential insider threats responsible for data loss and the possibility of a failed compliance audit. In organizations where everyone has full administrator access to the network, determining who might have leaked, stolen or damaged data would be like looking for a needle in a haystack.

For organizations running good least privilege systems, it’s possible to narrow down the possibilities of who had access to what and when to fewer individuals. With that in mind, employees might think again before blowing the whistle. This is especially true for server-based least privilege solutions where keystroke logging will record everything done at a granular level, whereas desktop least privilege usually just tracks at an event level.

This doesn’t, by any stretch, prevent data breaches from happening. If someone has privilege access, they can still steal or leak sensitive data. As suggested in previous blog posts, what good least privilege solu- tions can do, however, is provide a strong deterrent, because a good least privilege solution means access is not just leveraged on a “needs must” basis, it is logged too. Connect with an expert to find out what can be done for your organization.

Leave a Reply

Additional articles

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,

Vulnerability Expert Forum Highlights: April 2014

We had a great turnout for last week’s April 2014 Vulnerability Expert Forum (VEF) webcast. BeyondTrust Research experts, Carter and DJ, provided in-depth knowledge about the latest vulnerabilities and their potential impacts on network environments. Below are highlights from the Forum, plus an on-demand video of the presentation. Latest critical vulnerabilities, vendor patches, and zero-day…

Post by Chris Burd April 16, 2014
Tags:
, , , , ,
BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,