Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

eye in the sky_smaller-resized-600.jpg

Monitoring the Highly Privileged User

Today there are more insider data breaches than ever before. Verizon reports that in 2010, 48 percent of all breaches were attributed to users who abused their network privileges to maliciously access and distribute sensitive corporate information. Even minor policy violations, whether deliberate or inadvertent, the study finds, correlate directly with more serious abuse. At…

Post by Peter McCalister June 13, 2011

McAfee Vulnerability Manager Utilizes Least Privilege

We recently announced the integration of our PowerBroker Server with McAfee’s Vulnerability Manager to help smooth compliance processes. The integration will give our customer’s the ability to better manage user access and privileges, while simultaneously expanding the coverage of security scans for a more complete, accurate view of IT security and compliance across physical, virtual…

Post by Peter McCalister June 10, 2011
broken chain

Insider Threats Aren’t Perpetrated By The Obvious: Part 2

Insider threats are a global phenomenon. Every company in every part of the world is subject to some level of insider threat. And guess what? Insider villains are just as unidentifiable in the UK as they are in the US. They appear just as innocuous in Poughkeepsie as they do in Perth. If you have…

Post by Peter McCalister June 9, 2011

Security and the Cloud

When enterprise applications and services migrate from the physical data center, organizations begin to lose visibility and control as the shared infrastructure model of the cloud forces IT to give up their traditional control over the network and system resources. As a result, many organizations and cloud providers will tell you that security continues to…

Post by Brad Hibbert June 8, 2011

A Shiny New Internet Expands Address Space and CyberSecurity

Wednesday, June 8, engineers, technicians and content providers who rely on the internet’s viability will conduct a grand, global experiment. On World IPv6 Day, Internet Protocol Version 6 (IPv6) will go live for a day on the public internet – turning on everywhere for (at least) 24 hours. Hopefully, not too much will break in…

Post by Peter McCalister June 8, 2011
broken chain

Reporting Snapshots and Saved Views

I would like to tell you about a new feature recently added to Retina Insight. It may sound so simple but it solves a huge problem for businesses that like to perform ad-hoc reports.  If your one of those companies that likes to run reports ad-hoc, when you want, and review it compared to older…

Post by Morey Haber June 7, 2011
Break in

Insider Threats Aren’t Perpetrated By The Obvious: Part 1

It would be nice if every villain inside your organization walked around wearing a big sign that broadcasts “bad guy looking to do bad things”, but alas it is only in the cartoons and movies of Hollywood where you can always find the stereotypical bad guy: black top hat, curled black mustache and sinister grin.

Post by Peter McCalister June 7, 2011
Yours for least privilege

Yours Mine and Ours

As we previously discussed, a recent report by the Ponemon Institute on the Security of Cloud Computing Providers showed “the majority of cloud computing providers do not consider security as one of their most important responsibilities”. So what are you to do if you want to use the cloud and need to do it in a secure and compliant way? To me it’s a matter of shared responsibility – yours, mine and ours.

Post by Peter McCalister June 6, 2011

Quintiles Selects PowerBroker for Desktops to Get Least Privilege

Quintiles Transnational is a company that helps improve healthcare worldwide by providing a broad range of professional services, information, and partnering solutions to the pharmaceutical, biotechnology, and healthcare industries. Headquartered near Research Triangle Park, North Carolina, and with offices in more than 40 countries, Quintiles is a leading global pharmaceutical services organization and a member of the Fortune 1000.

Post by Peter McCalister June 3, 2011

A Snapshot in Time: Looking at the Bigger Picture Around Vulnerability Assessment Data

Recently I had the pleasure of exhibiting at the Secure World conference in both the Atlanta and Philadelphia venues and had many interesting conversations with various CISO, CIO’s, Security Managers, Information Assurance Engineers and Auditors.  We talked about various subjects from some of the latest threats (i.e. the Playstation Network debacle) to vulnerability assessment.  One…

Post by Jerome Diggs June 2, 2011