BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Mid-Market Security Strategies, Focus Areas, and Feature Favorites

Posted August 25, 2011    Alejandro DaCosta

The more conversations I have with security professionals, the more I see them strategizing how to best secure their networks with lower operating budgets.  I see more and more individuals having to deal with security issues as well as other aspects of their IT department during daily operations.  Their strategy has been condensed to acquire a security solution that is easy to implement, requires low maintenance, and is nearly fully automated.  It is also  a plus if the solution handles multiple IT and security disciplines, such as the eEye Retina CS model, which integrates assessment, mitigation, and protection into a single solution. The overall strategy then is to deploy a solution in an automated fashion, assess the security of the environment, generate reports for both the technical and executive teams, and automatically deliver them to the corresponding personnel.  This allows organizations to implement a solution that does not impact  busy schedules and does not require the labor intensive efforts  of running manual scans and generating reports.

Within many businesses, the focus seems to be around Microsoft and their security updates.  Often, the focus is even narrower and is only around a server environment, including only performing non-credentialed scans. Workstations and laptops are left off an assessment and only covered if time permits.  It rarely does.

I always try my hardest to encourage all my clients to scan, analyze, and protect every device in an environment as any of them could be used against you in an attack.  Also, Microsoft is not always your biggest threat. Having a solution that can properly identify all of your threats regardless of the operating system or application is crucial. Platform specific assessment does not provide a good perspective with the mix of devices almost all businesses have deployed. From a regulatory compliance perspective, we are seeing a strong increase in businesses needing to be PCI compliance due to the ubiquitous acceptance of credit cards.  10 years ago, retail establishments represented the bulk of businesses that took credit cards; today you are hard pressed to find a business that does not. With this, I am seeing that the mid-markets are having to adhere as well and the restrictions are as stringent and complicated as ever. This is forcing many companies, for the first time, to look into performing vulnerability assessment against many compliances in addition to PCI.  Again, the focus on ease of use becomes a huge factor.

An increasing amount of attention is rightly paid to the reporting capability of these security products. Whether you are concerned with Microsoft patching, vulnerabilities in general, or a particular set of regulatory compliances, being able to get the reports that make sense and deliver the information in the correct format with proper references is definitely required.  I see many security IT personal wasting time manually consolidating data from multiple sources to build executive reports because of the lack of customization and reporting capabilities in their current tools. I find this to be unacceptable; one should not spend time manually putting together reports when this time could be better used in other tasks.  A security tool should work for you; you should not work for it.  The right reports and ability to customize these reports is key.  As seen with eEye’s Retina CS and Retina Insight solutions, it should be easy to create reports, customize them, and automatically run them behind the scenes on a scheduled basis with little to no user intervention.

As the old cliché states: “Let’s work smarter and not harder.” Check out Retina CS and Retina Insight and let eEye’s technology do the hard work for you.

Leave a Reply

Additional articles

VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Tags:
, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

Tags:
, , , , ,