BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

New Integration of Retina CS & Powerbroker Windows to Provide Context-Aware Privilege Management

Posted October 1, 2012    Jerome Diggs

Every day there are new vulnerabilities being discovered that can be used to compromise your organizations computing environment. Crucial to properly protecting is not only good configuration and vulnerability management but the overall management of your users and their privileges within your environment. One of the most commonly recommended security best practices is to make sure your users are not running as Administrator where they do not need to be.

The reason that it is important to make sure users to do not run as Administrator is because of the exponential effects that malware can have on systems where Administrator access is gained. The difference between malware executing as an unprivileged user vs. an Administrator can mean the difference of potentially a single system being compromised or your entire network and confidential data.

That is why at BeyondTrust we have focused on creating a robust line of products for helping Administrators properly manage user privileges and rights. Our PowerBroker line of products gives you granular controls for Windows and UNIX/Linux to be able to decrease your attack surface and increase productivity. This happens through a process of removing Administrator rights from every day users and providing limited access Administrator rights only to specific users and only for specific applications. For example you no longer need your finance department all running as administrator just because a single financial app requires it. Now these users can run with least privileges while still accessing the financial application with the administrative privileges that are require. This can mean a major difference in a web based browser attack, such as the recent Internet Explorer 0day, and the level at which malware can successfully embed itself into a system to further an attacker’s access within your business.

At BeyondTrust we are dedicated to continually innovating our solutions to better meet today’s security challenges. One of the challenges we have seen with privilege management is the need to take a systems overall risk into context when deciding what level of privileges a user or system should be given. We have heard from customers that there are times when the notification or revocation of privileged rights should be reflected based on a systems risk level. This is important because sometimes a systems risk profile can be that of which allowing increased user rights may lead to further risk and threat of system compromise. Taking the mapping of risk and privileges into context can better help our customers make smarter decisions about their security.

To that end we are pleased to announce the integration of PowerBroker Windows, for Privilege Management, with Retina CS for Vulnerability and Risk Management. With the integration of these two technologies we are bringing to market the first instance of Privilege Management based on the context of a systems security risk profile. This allows for customers to now make decisions based on which users, systems and applications can have increased privileges based on a systems overall risk and susceptibility to attacks.

One great example of this integration is in the new ability for IT administrators to be alerted when a system has increased privileges and is susceptible to something such as a zeroday (unpatchable) Internet Explorer attack or really any number of risk and vulnerability related items.

contextawareprivilege-1

By leveraging our Smart Rules technology an Administrator can create real-time alerting to be kept abreast of any newly found systems that can be compromised or systems that have been mitigated from certain risks and are therefore no longer needing additional levels of restrictions on privileges.

This is just one example of more to come as we more closely integrate Privilege and Risk Management to better provide the much needed security context to better drive IT operational security. Stay tuned as our roadmap is full of a lot of extremely beneficial innovations to Privilege Management and solving complex security challenges that your organization is facing.

Tags:
, , , , , ,

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,