BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

patch-tuesday

Microsoft Patch Tuesday – November 2011

This month Microsoft released four security bulletins, patching a total of four vulnerabilities. Included in this month’s bulletins is a particularly ugly vulnerability in tcpip.sys (MS11-083). This vulnerability involves sending a large amount of UDP packets to a closed port. While the amount of work to exploit seems great and Microsoft feels that exploitation will…

Post by Chris Silva November 8, 2011
lucy2

In a Perfect World, Trust Is All You Need

This week I had an interesting exchange with a full-time Linux administrator. What started out as a discussion about PowerBroker Servers Linux Edition, quickly became a heated debate about trust. After much back and forth, he said this: “At the end of the day, employers need to trust the employees. Relying on technological solutions to ‘keep honest people honest’ is putting the cart before the horse. If you can’t trust your employees, you shouldn’t have hired them.”

Post by Peter McCalister November 8, 2011
gone 60

Identity Thief Irene More Profitable Than Memphis Raines

How many of you remember the Nicholas Cage character, Memphis Raines in the action movie Gone in 60 Seconds? If you do, bravo for being an action movie buff… for those of you not “in the know” he was a (fictional) car thief who had to steal 50 high end cars in just one night.

Post by Peter McCalister November 7, 2011
winning

Webinar Winner! Congratulations to the Winner of Our Motorola Xoom Tablet Giveaway!

Recently we hosted a webinar with VMware, “Close Your Virtual App Security Gap”. If you haven’t had a chance to check out the materials from that webcast, you can find the slides here. It was a great session, where the eEye and VMware ThinApp product teams talked about virtual app security and how virtual apps can…

Post by Mike Puterbaugh November 6, 2011
Tags:
,
book

New Least Privilege Book Garners Initial Reviews

Two weeks ago a new book called “Preventing Good People From Doing Bad Things” was published by Apress Media, and I even published the top 10 reasons to buy the book last week in this blog, but why take my word for it when you can look to those independent reviewers for unbiased insight?. Bob…

Post by Peter McCalister November 4, 2011
ico-pbmobile

Close Your Virtual App Security Gap

Virtual apps, and specifically those deployed by market leading VMware’s ThinApp technology, are becoming increasingly popular in the financial services and healthcare-related fields, as well as with government agencies.   Why?  The technology allows IT teams easily streamline application mobility and eliminate application conflicts on the desktop, which at the end of the day, means…

Post by Mike Puterbaugh November 3, 2011
Tags:
,
numbers

It’s the Little Things That Count

As we discussed several times, enterprise IT security isn’t easy. As recent article at Dark Reading makes clear, part of the reason is that even the smallest flaw can lead to a major security breach.

Post by Peter McCalister November 3, 2011
villain trio

13 Data Breaches Preventable WIth Least Privilege

Most companies fear the cost of data breaches more than anything, while others fear the embarassing negative publicity wich can have even great negative impact on their organization when misuse of privilege makes the national news.

Post by Peter McCalister November 2, 2011
guy laptop

Why To Consider Partners As Potential Insider Threats Too

In early September BeyondTrust CMO Brian Anderson covered the news around Stanford Hospital & Clinics medical privacy breach that resulted in 20,000 patients’ personal data being publicly available on a website for nearly a year. At the time the breach was first reported by The New York Times, it was unclear how the data made it onto the website.

Post by Peter McCalister November 1, 2011
Lockdown

Data Breaches…And How Insiders Affect Them

With all the data breaches in the news these days, security is definitely a hot topic in the information technology community. Preventing risks and threats is the core of keeping information, and ultimately people, safe.

Post by Peter McCalister October 31, 2011