Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Win 7 logo

Beware The Risk Of The Vulnerable Corporate Desktop

Anyone who has spent any time at all in the cyber-security space knows that hackers and creators of malware don’t rest for an instant. The harder the IT security world works to stay ahead of the cyber-criminals (or, more accurately, to keep pace or catch up to them), the faster increasingly sophisticated attacks burst into…

Post by Peter McCalister February 10, 2012
tale of least privilege

What The Dickens Can I Do To Secure My Servers?

“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness…” these opening words of A Tale of Two Cities (1859), a novel by Charles Dickens, have always stayed with me. While these words were written over 150 years ago they resonate…

Post by Peter McCalister February 9, 2012
Stones Cloud

Hey You Get Off Of My Cloud

Any Rolling Stones fans out there? Well I guess if you were singing along to this when it came out, then you didn’t know that you’d be a least privilege geek in 2012 either. Either way, as I was humming along to myself the other day I couldn’t help but think of the metaphor as…

Post by Peter McCalister February 8, 2012

And The Data Breaches Just Keep On Coming…

Recently two new data breaches were announced, one the result of an accidental misuse of privilege and the other the result of negligence by a third party vendor. First, the Department of Veterans Affairs announced it accidentally handed over the data of living veterans when complying with a Freedom of Information request from The…

Post by Peter McCalister February 7, 2012
villain trio

Who is To Blame When An Insider Breach Occurs?

As I’ve waded through the hundreds of published insider breaches from just the last two years, what was a clear recurring theme was that of the vagaries of human nature. Not meaning to wax poetic, but it was always an individual who misused their own, or some other insider’s, privileged access authorizations to IT systems…

Post by Peter McCalister February 6, 2012
Accidental Harm

But Users Aren’t That Savvy….NOT!

BeyondTrust has been doing Privilege Management for over 25 years. I’ve been with the company for over six of them. I’m constantly talking with people about the benefits of running their enterprise users as standard users, rather than administrative ones. Admin users are able to circumvent Group Policy or other security measures, such as installing…

Post by Peter McCalister February 2, 2012

Industry Experts Call Retina CS a ‘Flawless’ Best Buy

Yesterday Morey Haber gave our readers a sneak peek at what was to come with our soon-to-be-announced Retina CS 3.0 release. All of us here at eEye feel 3.0 will drive even greater distance between eEye and our competitors. Customers speak the loudest with regards to my backing up our claim of market and product…

Post by Mike Puterbaugh February 1, 2012
, , ,
guy tie

Database Security Risks Run Amok Without Oversight

As you can imagine, databases are in a class of data storage, organization, and management unto themselves. As such, the inherent security vulnerabilities in which a least privilege solution can help mitigate are also relatively unique. I’ve uncovered six that should be explored: Misconfigurations: Database schemas can be very temperamental and any misconfiguration error can…

Post by Peter McCalister February 1, 2012

Driving Security with Blind Spots

For those of us who commute in Southern California, driving isn’t as always as cut and dry as it is in other locations.  For example: say you’re driving down the highway at 70 mph and you realize at the last minute you need to exit 3 lanes over. Obviously you know this requires more than…

Post by Morey Haber January 31, 2012
, , ,
Intentional Harm

Layoffs May Lead to Insider Attacks

Employee terminations are, unfortunately, a necessary evil for corporations. In a time of recession, layoffs are more copious and often leave those affected angry and upset. It should come as no surprise that a small minority of those cases has led to disastrous consequences for former employers because of some terminated employee backlash. Just recently,…

Post by Peter McCalister January 31, 2012