BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Nefarious and Angry Employees Still a Primary Threat to Organizations

Posted March 26, 2012    Peter McCalister

A new Ponemon study reports that the number of data breaches caused by malicious attacksincreased from 31 percent in 2010 to 37 percent in 2011, with malicious insiders being responsible for 33 percent of attacks. In the report Ponemon states, “We think about the evil hacker, which is pretty serious stuff, but in our study, we find that it’s really the malicious insider – someone who’s nefarious or angry at the organization – that presents the real danger to the company.”

The study also reports that 39 percent of data breaches in 2011 were caused by negligent insiders. When you combine the threats posed by malicious and negligent employees, organizations of all sizes have cause for concern.

The good news is there are steps that can be taken to secure the perimeter within:

• Implement privileged identity management policies to create boundaries that enable end users and applications to communicate freely within an IT environment without worry of intentional, accidental or indirect misuse of privilege
• Implement a least privilege strategy, granting users only standard rights, but permitting elevation of privileges as required to enable them to do their jobs effectively
• Secure and monitor passwords for the ability to track and log their use, while having visibility into the granular details about when someone logged in, the keystrokes they performed and the information they accessed

With the right combination of policies and strategies in place, organizations can mitigate the opportunity for an employee – whether malicious or negligent – to take a risky action in the first place.

Leave a Reply

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,