BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
Picture-5

Missed it Live? On Demand March VEF Now Available + Live Q&A Answered

Posted March 15, 2012    Sarah Lieber

Miss our live Vulnerability Expert Forum webinar earlier this week? Never fear, I’ve put the recording + slides + Q&A all together here for your convenience. Take your pick.

Categories:
Security Research
Tags:
, , , , ,
Good-better-best

Identity Management is Best in Enterprise Security

Posted March 14, 2012    Peter McCalister

I think we’re all familiar with the concept of “good, better, best.” This theory allows us to measure how our actions rank against whatever end goal we may have established. In order to achieve our goals, we have to be sure our choices and our actions are “best,” as settling for “good” or “better” could…

Categories:
General
cs_patch-view-680x484

Patching is Still a Challenge? Yup.

Posted March 14, 2012    Morey Haber

eEye has always taken a “zero gap” approach to our threat management product strategy. That thinking has been the driver for our market firsts in support for new technologies such as cloud, mobile, and virtualization vulnerability management. These new technologies bring tremendous benefits, but they also bring risks with them as well, which must be…

Categories:
General
Tags:
, , , , ,
patch-tuesday

Microsoft Patch Tuesday – March 2012

Posted March 13, 2012    Chris Silva

March – the month that brings us spring training, NCAA March Madness, Pi Day, and St. Patrick’s Day (including the requisite Shamrock Shake). To go along with these exciting events, Microsoft has chipped in with six security bulletins for the March edition of Patch Tuesday.

Categories:
Security Research
male_user_help_256

Do You Know Where Your Linux/UNIX Users Are?

Posted March 13, 2012    Peter McCalister

Or even who they are? Sure you do, you say. You have someone responsible for managing Linux and UNIX user accounts. She manages the user store, grants user access to specific Linux/UNIX servers, and assigns specific privileges to users on those servers. When someone leaves the company, she makes sure the specific user accounts are…

Categories:
General
img

Insider Threats Can Start from the Outside, Too

Posted March 12, 2012    Peter McCalister

The term insider threats used to spark images of malicious employees stealing copies of filesor looking at information they weren’t supposed to, but in today’s complex world of technology, insider threats have evolved. According to a preliminary version of the Verizon 2012 Data Breach Investigations Report, 92 percent of attacks analyzed were external in origin,…

Categories:
General
gold-bar

Granular Control is Gold

Posted March 9, 2012    Peter McCalister

If you haven’t noticed, there are some things in our enterprises that we just can’t afford to leave generic. Certain things need to be fine-tuned and customized in ensure the success (and security) of each individual company. One of these is the level of privilege each user has. You need to be able to define…

Categories:
General
Break in

Helping Executives Understand Least Privilege

Posted March 6, 2012    Peter McCalister

I think it’s a given that each organization is different. With unique personalities and diverse corporate cultures, every enterprise is faced with a different set of challenges. Especially when it comes to IT priorities – every business places different importance and priorities in different places. Security is one of the areas, however, that every company…

Categories:
General
annie

APT Vehicle of Choice: The Accidental Insider

Posted March 5, 2012    Peter McCalister

APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromise are the insider — not the malicious insider, but the accidental insider who clicks on…

Categories:
General
cloudlock

Embrace your cloud with confidence and control!

Posted March 2, 2012    Peter McCalister

Security concerns continue to be top impediments to cloud adoption but business demands are pushing IT cloud initiatives forward. IT must meet business demands while keeping systems and data safe as they embrace cloud solutions. At the RSA conference this week in San Francisco, cloud computing is top of mind. Much of the focus is…

Categories:
General