BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
MR

Predicting Insider Threats

Posted July 19, 2011    Peter McCalister

In the movie Minority Report, police have created a system which predicts crime before it happens in a nightmarish Orwellian scenario. But what if companies could predict who would attack their most valuable assets? What kinds of ethical considerations would arise? While insider threats are less in number, when they do happen the damage is…

Categories:
Security Research
Sam2

Insider Hero Introduced: Secure Sam

Posted July 18, 2011    Peter McCalister

In order to put a face on the depth and breadth of potential insiders that can be found throughout your enterprise, I will introduce you to three insider villains and three insider heroes. Each villain will represent one of the key misuse of privileges and each hero will represent key values delivered by least privilege. This fourth introduction will be of the most visible hero.

Categories:
Security Research

Data Governance

Posted July 15, 2011    Morgan Holm

Hi my name is Morgan Holm and I am the director of product management. For my first blog post I will focus on a hot button topic for many of our customers and prospects, data governance. A significant portion of the data held by many organizations is in the form of unstructured data in files….

Categories:
Privileged Account Management
Tags:
, ,
annie

Insider Villain Introduced: Accident ProneAnnie

Posted July 15, 2011    Peter McCalister

In order to put a face on the depth and breadth of potential insiders that can be found throughout your enterprise, I will introduce you to three insider villains and three insider heroes. Each villain will represent one of the key misuse of privileges and each hero will represent key values delivered by least privilege. This third introduction will be of the most unlikely villain.

Categories:
Security Research
perimeter within

Securing the Perimeter One Privileged User at a Time

Posted July 14, 2011    Peter McCalister

You’ve heard it said before: “To some degree, you just have to trust your employees.” Ideally, yes. Trust between employee and employer is important, even necessary. But when this statement is made in the context of an employee’s access to a company’s most critical IT assets, the risk that accompanies it is simply too great…

Categories:
Privileged Account Management
lucy2

Insider Hero Introduced: Least Privilege Lucy

Posted July 13, 2011    Peter McCalister

In order to put a face on the depth and breadth of potential insiders that can be found throughout your enterprise, I will introduce you to three insider villains and three insider heroes. Each villain will represent one of the key misuse of privileges and each hero will represent key values delivered by least privilege. This second introduction will be of the most impactful and prevalent hero.

Categories:
Privileged Account Management
patch-tuesday

Microsoft Patch Tuesday – July 2011

Posted July 12, 2011    Chris Silva

I’m really starting to enjoy the “odd” months, Microsoft kept to their pattern and released only four security bulletins today. A welcome reprieve from last month’s sixteen bulletins. The only “Critical” rated vulnerability released today affects the Windows Bluetooth 2.1 stack. This particular vulnerability is somewhat interesting due to the attack vector. As you know,…

Categories:
Security Research
Lockdown

Corporate Security: The People’s Problem

Posted July 12, 2011    Peter McCalister

Last week reports of a study done by the U.S. Department of Homeland Security were flying around the Internet, highlighting that if you simply drop a bunch of USB drives in your corporate parking lot, approximately 60 percent of your employees will pick up the drives, take them into the office and plug them into their computer. While the results of this study are being disputed, this tells us one thing definitively: employees are a huge security risk.

Categories:
Security Research
img-mobile

Right-click Metasploit Integration

Posted July 12, 2011    Marc Maiffret

At eEye we have been continuing an aggressive release schedule of major product updates that simplify your vulnerability management and compliance process. One of the ways that we continue to simplify vulnerability management is through new capabilities and reporting that allow for better prioritization of vulnerabilities from an overall risk management perspective. While other products…

Categories:
Vulnerability Management
dave2

Insider Villain Introduced: Disgruntled Dave

Posted July 11, 2011    Peter McCalister

In order to put a face on the depth and breadth of potential insiders that can be found throughout your enterprise, I will introduce you to three insider villains and three insider heroes. Each villain will represent one of the key misuse of privileges and each hero will represent key values delivered by least privilege. This first introduction will be of the most impactful and prevalent villain.

Categories:
Privileged Account Management