BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
blowfish-98x98

Lessons Learned from Privileged Identity Management Mistakes

Posted May 2, 2011    Peter McCalister

It never ceases to amaze me how predictable we are as human beings. Whether it’s continuing to repeat our own mistakes or thinking the consequences of others’ actions would never apply to us, it seems we’re far too eager to turn a blind eye to reality. Reality, however, has a funny way of coming back…

Categories:
Vulnerability Management
Tags:
, ,
img-mobile

Role-Based Access for Your Teams

Posted May 2, 2011    Morey Haber

Regulatory controls all require the access restriction of sensitive data to the individuals that need to know. Many corporate policies also segregate users to access devices by geographical location or by platform and function. Vulnerability data is sensitive information. In the wrong hands, it provides a blueprint on how to potentially access systems without proper…

Categories:
General, Vulnerability Management
IK_RGB_72dpi

IK Investment Partners Selects PowerBroker for Desktops

Posted April 29, 2011    Peter McCalister

IK Investment Partners, based in Europe, is a private equity firm that manages 5.7 billion Euros in fund commitments. Their portfolio includes 22 companies across Europe, and they have six dedicated investment teams covering the Benelux countries. They also have over 100 users on machines throughout the company, including laptops and desktops. IK Investment Partners…

Categories:
Vulnerability Management
change

The Only Constant is Change

Posted April 27, 2011    Peter McCalister

Best practices in IT corporate security must acknowledge the intersection of technology, processes and people. Yet all too often the focus falls to the technology and processes while the people part of the equation is often overlooked.

Categories:
General

Multiple Platform Configuration Compliance

Posted April 27, 2011    Morey Haber

Here is the problem. Most small businesses benefit from picking a standard platform like Microsoft Windows and exclusively using it from laptops to servers. There has always been, even in the smallest companies, some resistance to Windows including the  rogue Mac users. Enterprises tend to pick the platform they need based on business requirements and…

Categories:
Privileged Account Management
pillars

The 3 Pillars of Desktop Vulnerability Protection

Posted April 26, 2011    Peter McCalister

Talking to many people last week about our 2010 Microsoft Vulnerability report, I realized just how much most people in IT underestimate the importance of properly limiting administrative privileges in protecting desktops for vulnerabilities. It’s certainly not because of a reduction in the risk from vulnerabilities. Our survey revealed that in 2009, Microsoft published nearly 75 security bulletins documenting and providing patches for nearly 200 vulnerabilities while in 2010 Microsoft published over 100 security bulletins documenting and providing patches for 256 vulnerabilities.

Categories:
Vulnerability Management
sql-injection

Barracuda Breach and Privileged Users

Posted April 25, 2011    Peter McCalister

As technology continues to develop and expand, it’s an unfortunate reality that sensitive information is becoming decreasingly safe. While this isn’t new news (data breaches are becoming as common as a morning bowl of cheerios), for some reason companies aren’t heeding these devastating warning signs. At least Barracuda didn’t.

Categories:
Vulnerability Management
layoff

Corporate Security Alert: Beware the Terminated Employee’s Wrath

Posted April 22, 2011    Peter McCalister

Employee terminations are, unfortunately, a necessary evil in corporate America today. In a time of recession, layoffs are more copious and often leave those affected angry and upset. Albeit in a very small minority of cases, some terminated employee backlash has led to disastrous consequences for former employers.

Categories:
Vulnerability Management
infosec

Infosec 2011 Survey Reveals Root Password Bad Practice

Posted April 21, 2011    Peter McCalister

At Infosec 2011 in London this week (Europe’s largest information security trade show), a survey by BeyondTrust of over 50 first day attendees revealed that root password bad practice continues to be unchecked in many organizations. Of those polled, over 58% said they would be able to steal information from a mission critical server if they wanted…

Categories:
General
Abstract clockwork

Unified Vulnerability Management for Healthcare

Posted April 20, 2011    Morey Haber

Today’s businesses are facing greater regulatory demands, increasing vulnerabilities, a rapid shift to digital business processes, and flat budgets.  The healthcare industry is no different and shares the same problems as almost every other vertical; how to keep sensitive data secure. Regardless of patient information, billing and payment data, and historical medical information, protecting an…

Categories:
General, Vulnerability Management