Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.


You And I: The Not So Obvious Insider Threat

Remember the scene in Jerry Maguire where he has returned to his office to collect his stuff, after learning he has been let go, and he has a bit of a freak-out on the way out the door, grabbing the goldfish and making bold claims about the company he is going to build that will…

Post by Peter McCalister December 6, 2011

Black Market For Server Data Is Prevelant And Profitable

The economy of cyber-crime is all too real—and too enticing. No longer sequestered to dark alleys and seedy bars, data thieves have almost unlimited options to market their ill-gotten wares to potential buyers. What this means to employers and organizations: the temptation to access and “appropriate” sensitive data may be too great for some to resist.

Post by Peter McCalister December 5, 2011

The Confluence Of Influenza, 0Day Viruses and Least Privilege

What does influenza, 0day viruses and least privilege have in common you may ask? Besides just being a cool title to get you to read this blog, it turns out that natural mutations, the fear of the unknown and reducing attack surfaces is the short answer. The long answer is best understood by first reading…

Post by Peter McCalister December 2, 2011
old school

What’s New With IAM?

What’s New? Well according to some of the participants at the Gartner Identify and Access Management Summit in San Diego, not much.

Post by Peter McCalister December 1, 2011
least privilege architecture

Least Privilege Windows Architecturally Speaking

We’ve talked about least privilege throughout thisblog over the past two years at length, but why should a desktop user care? Ultimately, a user needs admin rights on the desktop to

Post by Peter McCalister November 30, 2011

M&M Security Bound To Be Eaten Without Least Privilege

No, I’m not talking about the Mars candy, funny characters pervasive on your TV, or even the legendary brown ones from a Van Halen concert rider.

Post by Peter McCalister November 28, 2011

Windows Server 2008 R2 Recycle Bin

Microsoft has included recovery capabilities with every release Active Directory (AD) from Windows Server 2000 on. There is a saying that has been around in IT for a long time, “An administrator is only as good as their last backup”. This is because accidental deletions of a single user object to the removal of hundreds…

Post by Morgan Holm November 26, 2011
, , , , , , ,

Don’t Be The IAM Turkey This Thanksgiving

Most of the United States and Canada are preparing for the anual food fest known as Thanksgiving tomorrow to celebrate the bountiful harvest season. Or is it just an excuse for a work holiday in November? Either way, you can be sure that the potential for IT security breaches increase as vigilance wains for the holiday season.

Post by Peter McCalister November 23, 2011
villain trio

The Insider Threat Epidemic

Insider threats, particularly unauthorized access by current and former employees, are still a growing concern for IT managers and network administrators, according to InformationWeek’s Insider Threat Reality Report. In the report, several internal issues were cited for network intrusions, including: lack of adequate security policies (17 percent); employee negligence (12 percent); unauthorized access by current…

Post by Peter McCalister November 22, 2011

Big Data? Is There Any Bigger Data Than Your Security Data?

The idea of “big data” has technology vendors and customers alike scrambling to come up with ways to manage the limitless amounts of data being generated by apps, API’s, databases, web services, etc. For organizations with aggressive security and compliance requirements, the security data driving today’s modern threat and risk intelligence (assessments, compliance reports, attack…

Post by Morey Haber November 22, 2011