BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

sql-injection

Treat The Symptom Or Cure The Disease

When virus outbreaks, data thefts and other security breaches impact an organizations computing systems, most will treat the symptoms instead of curing the disease. Treating the symptoms might include updating security software or policies, adding additional layers of security technology, and possibly locking down users so tightly that their productivity suffers.

Post by Peter McCalister August 3, 2011
anonymous

Hacker Popularity Overshadows Insider Attacks

Anonymous and LulzSec attacks have been making a splash across news headlines this summer. It should come as no surprise that hacker attacks are far more publicized than insider attacks. In fact, according to the 2011 CyberSecurity Watch Survey conducted by CSO Magazine and Deloitte, 70 percent of insider incidents are handled internally without legal action.

Post by Peter McCalister August 2, 2011
TLA

3 Reasons POS Should Give A DAM

Just when you thought we exceeded our TLA (three letter acronym) quota for the year, up pops this idea for a blog based on a recent discussion with a national retailer, and I couldn’t resist the play on acronyms and the potential for multiple interpretations. But don’t let the TLAs scare you. This is actually a serious topic that does effect any of you who are responsible for compliance across remote sales locations.

Post by Peter McCalister August 1, 2011

Data Governance – Why and How?

In my first blog post I talked about proving and maintaining compliance for data governance rules defined for file system resources in the enterprise. This post will continue the discussion of data governance, reviewing some of the reasons organizations are implementing these policies and processes as well as the main challenges associated defining the rules…

Post by Morgan Holm July 30, 2011
Tags:
, , , , , , ,
villain trio

Intent Versus Actions And Least Privilege

Insider threats are a global phenomenon. Every company in every part of the world is subject to some level of insider threat. And guess what? Insider villains are just as unidentifiable in the UK as they are in the US. They appear just as innocuous in Poughkeepsie as they do in Perth.

Post by Peter McCalister July 29, 2011
game theory

Game Theory, Audit Logs And Corporate Governance

Game theory and audit logs are two topics you don’t frequently see linked. But some recent research from the Center for Digital Strategies at the Tuck School of Business at Dartmouth College linked the two topics and showed that technology can play a critical role in reinforcing the human elements of good security.

Post by Peter McCalister July 28, 2011
governance

If You Can’t Change It, You Can’t Govern It

Corporate governance ensures accountability across the extended enterprise. It facilitates staying competitive and satisfying ever-changing government regulations while providing mechanisms and controls to reduce the inefficiencies that arise when individuals misuse privileges granted to them.

Post by Peter McCalister July 27, 2011
Tucks

The Outside Insider Threat

Gone are the days when insider threats meant you either had a malicious employee or someone made a mistake; in today’s world the insider threat is far more complex, often starting from the outside and working its way in.

Post by Peter McCalister July 26, 2011
os lion

How To Truly Support Mac OS X Lion

Supporting Mac OS X 10.7 Lion means more than just checking a box on a list of supported platforms. It means that you’ve engineered your product to take full advantage of the features of Lion, and deliver a seamless end-to-end experience for users and administrators.

Post by Peter McCalister July 25, 2011
Carl-resized-600

Insider Hero Introduced: Compliance Carl

In order to put a face on the depth and breadth of potential insiders that can be found throughout your enterprise, I will introduce you to three insider villains and three insider heroes. Each villain will represent one of the key misuse of privileges and each hero will represent key values delivered by least privilege. This sixth and final introduction will be of the most unlikely hero.

Post by Peter McCalister July 22, 2011