BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Mid-Market Security Strategies, Focus Areas, and Feature Favorites

Posted August 25, 2011    Alejandro DaCosta

The more conversations I have with security professionals, the more I see them strategizing how to best secure their networks with lower operating budgets.  I see more and more individuals having to deal with security issues as well as other aspects of their IT department during daily operations.  Their strategy has been condensed to acquire a security solution that is easy to implement, requires low maintenance, and is nearly fully automated.  It is also  a plus if the solution handles multiple IT and security disciplines, such as the eEye Retina CS model, which integrates assessment, mitigation, and protection into a single solution. The overall strategy then is to deploy a solution in an automated fashion, assess the security of the environment, generate reports for both the technical and executive teams, and automatically deliver them to the corresponding personnel.  This allows organizations to implement a solution that does not impact  busy schedules and does not require the labor intensive efforts  of running manual scans and generating reports.

Within many businesses, the focus seems to be around Microsoft and their security updates.  Often, the focus is even narrower and is only around a server environment, including only performing non-credentialed scans. Workstations and laptops are left off an assessment and only covered if time permits.  It rarely does.

I always try my hardest to encourage all my clients to scan, analyze, and protect every device in an environment as any of them could be used against you in an attack.  Also, Microsoft is not always your biggest threat. Having a solution that can properly identify all of your threats regardless of the operating system or application is crucial. Platform specific assessment does not provide a good perspective with the mix of devices almost all businesses have deployed. From a regulatory compliance perspective, we are seeing a strong increase in businesses needing to be PCI compliance due to the ubiquitous acceptance of credit cards.  10 years ago, retail establishments represented the bulk of businesses that took credit cards; today you are hard pressed to find a business that does not. With this, I am seeing that the mid-markets are having to adhere as well and the restrictions are as stringent and complicated as ever. This is forcing many companies, for the first time, to look into performing vulnerability assessment against many compliances in addition to PCI.  Again, the focus on ease of use becomes a huge factor.

An increasing amount of attention is rightly paid to the reporting capability of these security products. Whether you are concerned with Microsoft patching, vulnerabilities in general, or a particular set of regulatory compliances, being able to get the reports that make sense and deliver the information in the correct format with proper references is definitely required.  I see many security IT personal wasting time manually consolidating data from multiple sources to build executive reports because of the lack of customization and reporting capabilities in their current tools. I find this to be unacceptable; one should not spend time manually putting together reports when this time could be better used in other tasks.  A security tool should work for you; you should not work for it.  The right reports and ability to customize these reports is key.  As seen with eEye’s Retina CS and Retina Insight solutions, it should be easy to create reports, customize them, and automatically run them behind the scenes on a scheduled basis with little to no user intervention.

As the old cliché states: “Let’s work smarter and not harder.” Check out Retina CS and Retina Insight and let eEye’s technology do the hard work for you.

Leave a Reply

Additional articles

Dark Reading

2014: The Year of Privilege Vulnerabilities

Posted December 18, 2014    Chris Burd

Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of “least privilege” could limit the impact of malware and raise the bar of difficulty for attackers.

Tags:
, , , , ,
dave-shackleford-headshot

Looking back on information security in 2014

Posted December 16, 2014    Dave Shackleford

Dave Shackleford is a SANS Instructor and founder of Voodoo Security. Join Dave for a closer look at the year in security, and learn what you can do to prepare for 2015, with this upcoming webinar. 2014 has been one heck of an insane year for information security professionals. To start with, we’ve been forced…

Tags:
, ,
patch-tuesday

December 2014 Patch Tuesday

Posted December 9, 2014    BeyondTrust Research Team

This month marks the final Patch Tuesday of 2014. Most of what is being patched this month includes Internet Explorer, Exchange, Office, etc… and continues a trend of the greatest hits collection of commonly attacked Microsoft software. Probably the one thing that broke the mold this month is that for once there is not some…

Tags:
,