BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Team

The Intersection of Policy, Technology & People

Lot’s of things come in threes. You can’t get fire unless you have heat, fuel and oxygen and a great swing just needs a tree, a tire and some rope. Turns out that you also can’t get to a least privilege environment unless you’ve dealt with the intersection of policy, technology and people.

Post by Peter McCalister May 16, 2011
insiderbreachlawsuit

The Cost of a Data Breach Just Went Up

Today, enterprises are hopefully well aware of the high price they could pay if they experience a breach in the confidential data of their customers. But now, in addition to applicable remediation expenses and a whole lot of bad publicity, companies may also have to fear the financial wrath of the government, as lawmakers have begun to institute fines for businesses that fail to secure their customers’ personal information.

Post by Peter McCalister May 13, 2011
cloudlock-1

Liabilities Can’t Be Outsourced

I wish I could take credit for the title of this blog, but it comes from a sentence recently written by Robert Lemos, Contributing Writer at DarkReading.com. In his article Mr. Lemos waxes poetic on how “Recent Breaches Spur New Thinking on Cloud Security.” This got me thinking about liability and how it seems everyone tries to delegate it away.

Post by Peter McCalister May 12, 2011
gold miner

Mining for Gold Through Data Analysis

Last week I blogged about how to realize the value of the gold mine of information in your compliance logs. I said you need a data analysis strategy and a strategy for how to engage the organization in using that data to uncover the misuse of privilege and potential for out of compliance scenarios. The human factor is important in designing any IT systems, but how does it apply here?

Post by Peter McCalister May 11, 2011
tablets-workplace

What Do You Think About the “In Configuration We Trust” Research Report?

Please use the Leave a Reply function below and send us your questions, comments, and thoughts regarding our research report “In Configuration We Trust.” – One person will be selected at random to win a new Amazon Kindle and $25 gift card. – Deadline to be entered into the contest is Friday 05/13/11 at noon PST….

Post by The eEye Research Team May 11, 2011
patch-tuesday

Microsoft Patch Tuesday – May 2011

Oh how I am starting to enjoy the odd numbered months this year. Back in January Microsoft released 2 bulletins. February followed with 12, March with 3, and April with 17. Now May has arrived with only 2 bulletins. If you are looking to avoid piles of patch deployment work this summer, I’d bet on…

Post by Chris Silva May 10, 2011
isaca-logo2

Survey Finds Compliance to be Top Security Concern

This week ISACA released results from its Top Business/Technology Issues Survey, which revealed that issues such as regulatory compliance, governance and information security management continue to top the list of enterprise IT concerns.

Post by Peter McCalister May 10, 2011
thumb_default

eEye Research Report: In Configuration We Trust

In configuration we trust. This statement couldn’t be truer to my research team and me, especially after discovering some of the findings in our latest report, which we publicly released last week. In the report, we describe simple configuration changes and software version upgrades that could mitigate many application vulnerabilities before patches are available. Some…

Post by Marc Maiffret May 9, 2011
Team

Customized Reporting: Just The Way You Like It

A solution can never have too many reports or can it ? I have seen products that have hundreds of reports and the titles and descriptions vary in just subtle ways using words like “sort by” or “group by”. Finding the one you need and that meets your business requirements can be a challenge and…

Post by Morey Haber May 9, 2011
sharing-300x273

Sharing Isn’t Always Caring Without Least Privilege

In kindergarten, we all learned an important lesson: how to share. Some people, as they grew up, seem to have taken this concept a little too far, with no real consideration for possible consequences. I’m not trying to undermine the importance of sharing as a general rule, but let’s just take a quick look at how sharing has “helped” in the recent past.

Post by Peter McCalister May 9, 2011