BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

bigdata-98x98

Webinar This Thursday: Turning Your Big Security Data into a Big Advantage

What’s Your Strategy for Big Security Data? The idea of “big data” has technology vendors and customers alike scrambling to come up with ways to manage the limitless amounts of data being generated by apps, API’s, databases, web services, etc. For organizations with aggressive security and compliance requirements, the security data driving today’s modern threat…

Post by Sarah Lieber February 21, 2012
Tags:
, , , , , ,
cloud sec

Who Is In Charge Of Your Cloud Security?

Usually, the way we define and implement security is driven by compliance. But despite a wide number of frameworks from the Information Systems Audit and Control Association‘s (ISACA) Control Objectives for Information and related Technology (COBIT) to Payment Card Industry Data Security Standards (PCI DSS), those compliance standards aren’t very clear, leaving ample room for…

Post by Peter McCalister February 20, 2012

Active Directory Changes Got You Down?

When active directory goes down, everyone notices. Users cannot log in, applications become unusable and organizations lose money. Let’s face it, even without malicious events, people still make mistakes. Although recovering from directory outages can be streamlined with point in time and continuous recovery solutions such as PowerBroker Recovery for Active Directory, it’s always less…

Post by Morgan Holm February 17, 2012
Tags:
, ,
pbwd rules

Some People Collect Stamps, I Collect Least Privilege Rules

As I guide folks through setting up and using PowerBroker Windows Desktops I’m always thinking ahead, past the, ‘Phase 1′ deployment. A big part of this is sorting out your rule set, (Policies that dictate what elevation an application receives, or whether it is even allowed to execute), into collections. A collection is a folder…

Post by Peter McCalister February 17, 2012
cloudlock1

Top 10 Reasons To Implement Least Privilege For Clouds

Taking a more tongue-in-cheek approach to highlighting the types of privilege misuse that occurs daily in cloud environments, I thought that a top-ten list approach might appeal to you as well. How many of these have you seen throughout your organization? #10—Andy, the admin at , won’t be able to use his admin privileges to…

Post by Peter McCalister February 15, 2012
cloudsecurity-98x98

Retina CS Turns Patch Tuesday into Simply “Tuesday”

Last week we announced Retina CS 3.0 – which extends our already market-leading vulnerability management capabilities for mobile devices – by adding in support for Android devices, as well as Microsoft Exchange ActiveSync – and sets a new bar for enterprise cloud security, allowing private cloud deployments based on Amazon Web Services (AWS) and VMware…

Post by Mike Puterbaugh February 15, 2012
Tags:
, , , , , ,
patch-tuesday

Microsoft Patch Tuesday – February 2012

Ahh Valentine’s Day. Time to leave work early, buy a box of chocolates for your loved one, and fight through the crowds for a table at your favorite restaurant. Or, if you happen to be gainfully employed in IT security, time to spend the evening at work with your coworkers, patching servers and drinking a…

Post by Chris Silva February 14, 2012
dod logo

Capping Insider Leaks

Capping insider leaks is a top priority for the U.S. intelligence community – so much so that a “national insider threat policy” will soon be enforced. A Presidential Directive has already been issued ordering all departments and agencies to open an Insider Threat Program Management Office (PMO). Yet while the government is ordering directives on…

Post by Peter McCalister February 14, 2012

DLP, Insider Threats, File Auditing and Reporting

The growth of the cloud, virtualization and the consumerization of IT continue to provide companies and end users with more flexibility. However, they also raise some challenges for IT departments. One such challenge that is commonly discussed is data loss prevention (DLP), or the ability to identify, monitor and protect sensitive corporate information.  While some…

Post by Morgan Holm February 13, 2012
Tags:
, , , , , , ,
DADT

Don’t Ask, Don’t Tell!

Nope this is not a blog about sexual preference in the military. Nor is it a blog about what happened in Vegas during the last tradeshow you attended. It is a scary observation regarding what to do in the aftermath of a breach. A recent article titled “IT Pros Believe Data Breach Harm Assessment Is…

Post by Peter McCalister February 13, 2012