Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

10 Things You Should Know About PowerBroker Auditor for Active Directory

Rapid installation and minimal training with no reliance on native auditing tools Unmatched scalability and performance (“Our typical traffic volume is more than 1.5 million events per day and Blackbird has scaled-up effortlessly,” Josh Munn, Senior Systems Administrator, The University of Mississippi Medical Center) Real-time collection and alerting for active directory and group policy changes…

Post by Morgan Holm February 21, 2012
, , ,
ca flag

The Proper Insider Threat Precautions Could Save You

The new California Data Breach Notification Bill (SB 24) mandating that holders of data notify consumers when their personal data has been breached went into effect at the beginning of this year. The bill has been in the works for several years and as the number of exposed personal records continues to climb (currently estimated…

Post by Peter McCalister February 21, 2012

Webinar This Thursday: Turning Your Big Security Data into a Big Advantage

What’s Your Strategy for Big Security Data? The idea of “big data” has technology vendors and customers alike scrambling to come up with ways to manage the limitless amounts of data being generated by apps, API’s, databases, web services, etc. For organizations with aggressive security and compliance requirements, the security data driving today’s modern threat…

Post by Sarah Lieber February 21, 2012
, , , , , ,
cloud sec

Who Is In Charge Of Your Cloud Security?

Usually, the way we define and implement security is driven by compliance. But despite a wide number of frameworks from the Information Systems Audit and Control Association‘s (ISACA) Control Objectives for Information and related Technology (COBIT) to Payment Card Industry Data Security Standards (PCI DSS), those compliance standards aren’t very clear, leaving ample room for…

Post by Peter McCalister February 20, 2012

Active Directory Changes Got You Down?

When active directory goes down, everyone notices. Users cannot log in, applications become unusable and organizations lose money. Let’s face it, even without malicious events, people still make mistakes. Although recovering from directory outages can be streamlined with point in time and continuous recovery solutions such as PowerBroker Recovery for Active Directory, it’s always less…

Post by Morgan Holm February 17, 2012
, ,
pbwd rules

Some People Collect Stamps, I Collect Least Privilege Rules

As I guide folks through setting up and using PowerBroker Windows Desktops I’m always thinking ahead, past the, ‘Phase 1′ deployment. A big part of this is sorting out your rule set, (Policies that dictate what elevation an application receives, or whether it is even allowed to execute), into collections. A collection is a folder…

Post by Peter McCalister February 17, 2012

Top 10 Reasons To Implement Least Privilege For Clouds

Taking a more tongue-in-cheek approach to highlighting the types of privilege misuse that occurs daily in cloud environments, I thought that a top-ten list approach might appeal to you as well. How many of these have you seen throughout your organization? #10—Andy, the admin at , won’t be able to use his admin privileges to…

Post by Peter McCalister February 15, 2012

Retina CS Turns Patch Tuesday into Simply “Tuesday”

Last week we announced Retina CS 3.0 – which extends our already market-leading vulnerability management capabilities for mobile devices – by adding in support for Android devices, as well as Microsoft Exchange ActiveSync – and sets a new bar for enterprise cloud security, allowing private cloud deployments based on Amazon Web Services (AWS) and VMware…

Post by Mike Puterbaugh February 15, 2012
, , , , , ,

Microsoft Patch Tuesday – February 2012

Ahh Valentine’s Day. Time to leave work early, buy a box of chocolates for your loved one, and fight through the crowds for a table at your favorite restaurant. Or, if you happen to be gainfully employed in IT security, time to spend the evening at work with your coworkers, patching servers and drinking a…

Post by Chris Silva February 14, 2012
dod logo

Capping Insider Leaks

Capping insider leaks is a top priority for the U.S. intelligence community – so much so that a “national insider threat policy” will soon be enforced. A Presidential Directive has already been issued ordering all departments and agencies to open an Insider Threat Program Management Office (PMO). Yet while the government is ordering directives on…

Post by Peter McCalister February 14, 2012