BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
gold-bar

Granular Control is Gold

Posted March 9, 2012    Peter McCalister

If you haven’t noticed, there are some things in our enterprises that we just can’t afford to leave generic. Certain things need to be fine-tuned and customized in ensure the success (and security) of each individual company. One of these is the level of privilege each user has. You need to be able to define…

Categories:
General
Break in

Helping Executives Understand Least Privilege

Posted March 6, 2012    Peter McCalister

I think it’s a given that each organization is different. With unique personalities and diverse corporate cultures, every enterprise is faced with a different set of challenges. Especially when it comes to IT priorities – every business places different importance and priorities in different places. Security is one of the areas, however, that every company…

Categories:
General
annie

APT Vehicle of Choice: The Accidental Insider

Posted March 5, 2012    Peter McCalister

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on…

Categories:
General
cloudlock

Embrace your cloud with confidence and control!

Posted March 2, 2012    Peter McCalister

Security concerns continue to be top impediments to cloud adoption but business demands are pushing IT cloud initiatives forward. IT must meet business demands while keeping systems and data safe as they embrace cloud solutions. At the RSA conference this week in San Francisco, cloud computing is top of mind. Much of the focus is…

Categories:
General
beckhoff

Beckhoff TwinCAT Scope View File Processing Vulnerability

Disclosed March 2, 2012    Zeroday : 881 days
Vendors: Beckhoff Automation GmbH
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
factormythimage-98x98

Don’t believe everything you hear when it comes to security

Posted March 1, 2012    Sarah Lieber

Our good friend Ellen Messmer, recently published Network World article “13 security myths you’ll hear — but should you believe?”  , which listed common security myths shared and commented on by some of security’s leading experts and practitioners. Working at a security company, I work (and also sit) closely with a stellar team of researchers….

Categories:
General
Tags:
, , , ,
The New York Times Co. Post An 82 Percent Decline In 2nd Quarter Profi

The Front Page of the New York Times

Posted March 1, 2012    Peter McCalister

Another day, another security breach. From the government, to banks, to healthcare, to major retailers, to beloved consumer brands, the only thing that seems safe to say is that no one is immune to the threats of today’s Internet-connected world. With strict breach notification legislation and regulations and the tenacity of today’s media, information security…

Categories:
General
eeye-451logos

Missed it Live? Watch the “Big Security Data” Webinar with 451 Research & eEye Here.

Posted February 29, 2012    Sarah Lieber

Recently, 451 Research and eEye hosted the webinar “Turning Your Big Security Data into a Big Advantage”. This discussion was on the topic of “Big Data” and how it relates to today’s security landscape. Featuring 451′s Andrew Hay, we covered how today’s enterprise IT and security teams can best leverage their ‘big security data’ to make…

Categories:
General
Tags:
, , , , , , ,
lock

The Secret to Server Compliance (Hint: It’s Not Sudo)

Posted February 29, 2012    Peter McCalister

Having spent many years in the software security space, I’m often reminded of how often the word security is paired with compliance – or even interchanged, as if they’re the same thing. Security and compliance are, of course, different things. Security is about ensuring the safety of a company’s assets, protecting sensitive data, ensuring that…

Categories:
General
Wild, Wild West11

Surveying the Wild Wild West of Microsoft Server Administration

Posted February 28, 2012    Peter McCalister

I was the on the phone with a large company discussing their requirements surrounding the control of administrator access to Microsoft based servers and applications. Within 5 minutes it became clear of where the folks on the phone stood: “managing our Microsoft servers is akin to the wild wild west”. In this company there are…

Categories:
General