BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Mid-Market Security Strategies, Focus Areas, and Feature Favorites

Posted August 25, 2011    Alejandro DaCosta

The more conversations I have with security professionals, the more I see them strategizing how to best secure their networks with lower operating budgets.  I see more and more individuals having to deal with security issues as well as other aspects of their IT department during daily operations.  Their strategy has been condensed to acquire a security solution that is easy to implement, requires low maintenance, and is nearly fully automated.  It is also  a plus if the solution handles multiple IT and security disciplines, such as the eEye Retina CS model, which integrates assessment, mitigation, and protection into a single solution. The overall strategy then is to deploy a solution in an automated fashion, assess the security of the environment, generate reports for both the technical and executive teams, and automatically deliver them to the corresponding personnel.  This allows organizations to implement a solution that does not impact  busy schedules and does not require the labor intensive efforts  of running manual scans and generating reports.

Within many businesses, the focus seems to be around Microsoft and their security updates.  Often, the focus is even narrower and is only around a server environment, including only performing non-credentialed scans. Workstations and laptops are left off an assessment and only covered if time permits.  It rarely does.

I always try my hardest to encourage all my clients to scan, analyze, and protect every device in an environment as any of them could be used against you in an attack.  Also, Microsoft is not always your biggest threat. Having a solution that can properly identify all of your threats regardless of the operating system or application is crucial. Platform specific assessment does not provide a good perspective with the mix of devices almost all businesses have deployed. From a regulatory compliance perspective, we are seeing a strong increase in businesses needing to be PCI compliance due to the ubiquitous acceptance of credit cards.  10 years ago, retail establishments represented the bulk of businesses that took credit cards; today you are hard pressed to find a business that does not. With this, I am seeing that the mid-markets are having to adhere as well and the restrictions are as stringent and complicated as ever. This is forcing many companies, for the first time, to look into performing vulnerability assessment against many compliances in addition to PCI.  Again, the focus on ease of use becomes a huge factor.

An increasing amount of attention is rightly paid to the reporting capability of these security products. Whether you are concerned with Microsoft patching, vulnerabilities in general, or a particular set of regulatory compliances, being able to get the reports that make sense and deliver the information in the correct format with proper references is definitely required.  I see many security IT personal wasting time manually consolidating data from multiple sources to build executive reports because of the lack of customization and reporting capabilities in their current tools. I find this to be unacceptable; one should not spend time manually putting together reports when this time could be better used in other tasks.  A security tool should work for you; you should not work for it.  The right reports and ability to customize these reports is key.  As seen with eEye’s Retina CS and Retina Insight solutions, it should be easy to create reports, customize them, and automatically run them behind the scenes on a scheduled basis with little to no user intervention.

As the old cliché states: “Let’s work smarter and not harder.” Check out Retina CS and Retina Insight and let eEye’s technology do the hard work for you.

Leave a Reply

Additional articles

On Demand Webinar: Because Auditing Stinks Sometimes

Posted July 2, 2015    Lindsay Marsh

Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…

skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Tags:
, ,