BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Mid-Market Security Strategies, Focus Areas, and Feature Favorites

Post by Alejandro DaCosta August 25, 2011

The more conversations I have with security professionals, the more I see them strategizing how to best secure their networks with lower operating budgets.  I see more and more individuals having to deal with security issues as well as other aspects of their IT department during daily operations.  Their strategy has been condensed to acquire a security solution that is easy to implement, requires low maintenance, and is nearly fully automated.  It is also  a plus if the solution handles multiple IT and security disciplines, such as the eEye Retina CS model, which integrates assessment, mitigation, and protection into a single solution. The overall strategy then is to deploy a solution in an automated fashion, assess the security of the environment, generate reports for both the technical and executive teams, and automatically deliver them to the corresponding personnel.  This allows organizations to implement a solution that does not impact  busy schedules and does not require the labor intensive efforts  of running manual scans and generating reports.

Within many businesses, the focus seems to be around Microsoft and their security updates.  Often, the focus is even narrower and is only around a server environment, including only performing non-credentialed scans. Workstations and laptops are left off an assessment and only covered if time permits.  It rarely does.

I always try my hardest to encourage all my clients to scan, analyze, and protect every device in an environment as any of them could be used against you in an attack.  Also, Microsoft is not always your biggest threat. Having a solution that can properly identify all of your threats regardless of the operating system or application is crucial. Platform specific assessment does not provide a good perspective with the mix of devices almost all businesses have deployed. From a regulatory compliance perspective, we are seeing a strong increase in businesses needing to be PCI compliance due to the ubiquitous acceptance of credit cards.  10 years ago, retail establishments represented the bulk of businesses that took credit cards; today you are hard pressed to find a business that does not. With this, I am seeing that the mid-markets are having to adhere as well and the restrictions are as stringent and complicated as ever. This is forcing many companies, for the first time, to look into performing vulnerability assessment against many compliances in addition to PCI.  Again, the focus on ease of use becomes a huge factor.

An increasing amount of attention is rightly paid to the reporting capability of these security products. Whether you are concerned with Microsoft patching, vulnerabilities in general, or a particular set of regulatory compliances, being able to get the reports that make sense and deliver the information in the correct format with proper references is definitely required.  I see many security IT personal wasting time manually consolidating data from multiple sources to build executive reports because of the lack of customization and reporting capabilities in their current tools. I find this to be unacceptable; one should not spend time manually putting together reports when this time could be better used in other tasks.  A security tool should work for you; you should not work for it.  The right reports and ability to customize these reports is key.  As seen with eEye’s Retina CS and Retina Insight solutions, it should be easy to create reports, customize them, and automatically run them behind the scenes on a scheduled basis with little to no user intervention.

As the old cliché states: “Let’s work smarter and not harder.” Check out Retina CS and Retina Insight and let eEye’s technology do the hard work for you.

Leave a Reply

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,