Microsoft Patch Tuesday – February 2012
Ahh Valentine’s Day. Time to leave work early, buy a box of chocolates for your loved one, and fight through the crowds for a table at your favorite restaurant. Or, if you happen to be gainfully employed in IT security, time to spend the evening at work with your coworkers, patching servers and drinking a…
Capping Insider Leaks
Capping insider leaks is a top priority for the U.S. intelligence community – so much so that a “national insider threat policy” will soon be enforced. A Presidential Directive has already been issued ordering all departments and agencies to open an Insider Threat Program Management Office (PMO). Yet while the government is ordering directives on…
Don’t Ask, Don’t Tell!
Nope this is not a blog about sexual preference in the military. Nor is it a blog about what happened in Vegas during the last tradeshow you attended. It is a scary observation regarding what to do in the aftermath of a breach. A recent article titled “IT Pros Believe Data Breach Harm Assessment Is…
Beware The Risk Of The Vulnerable Corporate Desktop
Anyone who has spent any time at all in the cyber-security space knows that hackers and creators of malware don’t rest for an instant. The harder the IT security world works to stay ahead of the cyber-criminals (or, more accurately, to keep pace or catch up to them), the faster increasingly sophisticated attacks burst into…
What The Dickens Can I Do To Secure My Servers?
“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness…” these opening words of A Tale of Two Cities (1859), a novel by Charles Dickens, have always stayed with me. While these words were written over 150 years ago they resonate…
Hey You Get Off Of My Cloud
Any Rolling Stones fans out there? Well I guess if you were singing along to this when it came out, then you didn’t know that you’d be a least privilege geek in 2012 either. Either way, as I was humming along to myself the other day I couldn’t help but think of the metaphor as…
And The Data Breaches Just Keep On Coming…
Recently two new data breaches were announced, one the result of an accidental misuse of privilege and the other the result of negligence by a third party vendor. First, the Department of Veterans Affairs announced it accidentally handed over the data of living veterans when complying with a Freedom of Information request from Ancestry.com. The…
Who is To Blame When An Insider Breach Occurs?
As I’ve waded through the hundreds of published insider breaches from just the last two years, what was a clear recurring theme was that of the vagaries of human nature. Not meaning to wax poetic, but it was always an individual who misused their own, or some other insider’s, privileged access authorizations to IT systems…
But Users Aren’t That Savvy….NOT!
BeyondTrust has been doing Privilege Management for over 25 years. I’ve been with the company for over six of them. I’m constantly talking with people about the benefits of running their enterprise users as standard users, rather than administrative ones. Admin users are able to circumvent Group Policy or other security measures, such as installing…
Industry Experts Call Retina CS a ‘Flawless’ Best Buy
Yesterday Morey Haber gave our readers a sneak peek at what was to come with our soon-to-be-announced Retina CS 3.0 release. All of us here at eEye feel 3.0 will drive even greater distance between eEye and our competitors. Customers speak the loudest with regards to my backing up our claim of market and product…
