BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

stolen

Stolen Fruit is the Sweetest (Especially for Hackers)

I’m sure you’ve heard the saying, “stolen fruit is the sweetest.” It’s a phrase that gets thrown around lightly, but it’s time to take it to heart. In a day when information and sensitive data are being stolen, manipulated, and blasted for the world to read, this is a saying we all need to look at twice. Hackers, inside security leakers, and thieves all agree: that which is stolen is the sweetest. You don’t want to find out how sweet the information in your enterprise will be to them. Steps should to be taken to secure the sensitive information and data in enterprises across the world.

Post by Peter McCalister February 3, 2011
broken chain

Least Privilege Legacy Apps and the Desktop “Wild West”: Part 4

This week we report the conclusions of our recent survey of 185 IT Administrators and Help Desk Operatives, in a report Legacy Applications and Least Privilege Access Management’ – which reveals the way legacy apps leave Windows desktop environments unnecessarily exposed to attack from malware, as well as providing an open door to insider threats.

Post by Peter McCalister February 2, 2011
hands

Prevent Security Storms by Eliminating Admin Rights

How many times have you heard the old proverb, “after the storm comes the calm?” And how many times have you just accepted “storms” as part of life? From my point of view, these downpours aren’t actually necessary.

Post by Peter McCalister February 1, 2011
pillars

Prioritizing Vulnerability Assessment and Remediation Steps: A New Users Guide to Getting Started – Part 1

New users to vulnerability assessment often ask the same question: “How do I get started”? While this may sound incredibly generic for a security engineer, many companies have never had a vulnerability management process in place and are trying to comprehend the problems of missing patches, remediation prioritization, and risk acceptance. As a basic recommendation,…

Post by Morey Haber January 31, 2011
Tags:
, , ,
The Duke

Least Privilege Legacy Apps and the Desktop “Wild West”: Part 3

This week we report the conclusions of our recent survey of 185 IT Administrators and Help Desk Operatives, in a report ‘Legacy Applications and Least Privilege Access Management’ which reveals the way legacy apps leave Windows desktop environments unnecessarily exposed to attack from malware, as well as providing an open door to insider threats.

Post by Peter McCalister January 31, 2011
Win 7

Microsoft Vulnerabilities & Admin Privileges

Some of you may have already seen the annual report we do each year on vulnerabilities in Microsoft products. Our last report found that in 90% of critical vulnerabilities could be mitigated with the removal of administrative rights.

Post by Peter McCalister January 28, 2011
The Duke

Least Privilege Legacy Apps and the Desktop “Wild West”: Part 2

This week we report the conclusions of our recent survey of 185 IT Administrators and Help Desk Operatives, in a report Legacy Applications and Least Privilege Access Management’ which reveals the way legacy apps leave Windows desktop environments unnecessarily exposed to attack from malware, as well as providing an open door to insider threats.

Post by Peter McCalister January 27, 2011
Team

Password Rotation, Phishing and Authentication Limitations, Oh My!

As we have pointed out in several recent blog posts, getting users to choose effective passwords is hard. This is particularly important to us at BeyondTrust since for our PIM solutions to function correctly we need to accurately authenticate a user to know what access privileges to grant them While new technologies for user authentication are on the way, they aren’t here just yet.

Post by Peter McCalister January 26, 2011
img-mobile

Referential Integrity When Performing a Vulnerability Assessment

James Thurber wrote back in 1959, “When all things are equal, translucence in writing is more effective than transparency, just as glow is more revealing than glare.” The critical aspect of his statement is based on equality. When using multiple distributed applications, regardless of technology, having the same version on all the systems is sometimes…

Post by Morey Haber January 25, 2011
Tags:
, ,
The Duke

Least Privilege Legacy Apps and the Desktop “Wild West”: Part 1

Whenever we hear the phrase “Wild West”, the first words that come to mind are old, insecure, and vulnerable. Any old western featuring Clint Eastwood or John Wayne depicts all of these descriptions. And coincidentally “Wild West” provides the perfect analogy for the way an enterprise’s remaining legacy infrastructure interfaces with a Windows desktops environment….

Post by Peter McCalister January 25, 2011
Tags:
, ,