Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.


3 Things Local Admins Can Do That They Shouldn’t

Eliminating local admin rights from Microsoft Windows users is not just a nice thing you should do, but in fact a mandatory best practice for all of today’s enterprises wishing to stay secure and compliant.

Post by Peter McCalister March 29, 2011
Accidental Harm

Misuse Privilege and GO TO JAIL

You may have thought that misuse of privilege is a victim less crime and no one will care. Just ask former Goldman Sachs programmer, Sergey Aleynikov what he is doing for the next 8 years and then decide for yourself.

Post by Peter McCalister March 28, 2011

How Sensitive Could Data Be?

Here at BeyondTrust, we work with some of the most sensitive information in the world. The kind of stuff that makes or breaks businesses, collapses empires, or creates headlines. Ok – we’re being melodramatic, and we also deal with things as simple as system configuration settings that hike up help desk costs.

Post by Peter McCalister March 25, 2011

A Basic Guide to SCAP

The Security Content Automation Protocol (SCAP, pronounced S-cap) is a suite of open standards that when referenced together, deliver an automated vulnerability management, measurement, and policy compliance evaluation for network assets. The first version of the suite specification focused on standardizing communication of endpoint related data and to provide a standardized approach to maintaining the…

Post by Morey Haber March 24, 2011
, ,

CETREL S.A. Replaces SUDO with PowerBroker for Servers

<![CDATA[ CETREL S.A., an advanced electronic payment company, is headquartered in Masbach, Luxemberg. It’s active in three lines of business: business process outsourcer for cards, acquirer for multi-domestic and international merchants, and provider of share service center solutions for the financial industry. The company is also a member of the SIX group, and is working…

Post by Peter McCalister March 24, 2011

Top 10 Reasons Good People Do Bad Things Without Least Privilege

In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space… the Top 10 Reasons Good People Do Bad Things Without Least Privilege are:

Post by Peter McCalister March 23, 2011

MD Anderson Selects PowerBroker for Servers

The University of Texas M.D. Anderson Cancer Center is a world-leading intitution for cancer treatment. In 2008 alone, the facility cared for nearly one million people, and it supports a faculty and staff of both MDs and PhDs numbering over 20,000. Their IT network is based on a powerful and secure Unix infrastructure, and includes over 500 servers that house confidential patient and financial information.

Post by Peter McCalister March 22, 2011

Top VM Reports for Government

In continuing the series on top reports for vertical markets, this blog will focus on reports that help government entities at the state, local, and federal levels. Like any vertical, having reports that are dedicated to the mandates and requirements that matter to the organization are critical. It is not only about which vulnerabilities are…

Post by Morey Haber March 21, 2011
, , , ,
Accidental Harm

Why Do You SUDO The Way You Do?

In the land of Unix and Linux systems administration, nothing seems to elicit such polar love and hate as does the use of SUDO for root rights elevation.

Post by Peter McCalister March 21, 2011

VistaPrint Uses PowerBroker Desktops to Improve Security

VistaPrint is an online supplier of high-quality graphic design services and customized print products. They have over seven million customers and operate 17 localized websites in over 120 countries. The company is known for their standardized design and printing process, as well as the significantly reduced costs for their customers. VistaPrint has Windows Active Directory installed, operates a customer service center, and 400 end-users running Windows XP.

Post by Peter McCalister March 18, 2011