BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
nasa

NASA Vulnerability and Admin Rights

Posted April 7, 2011    Peter McCalister

A report came out recently highlighting vulnerabilities in NASA’s IT that could have impaired critical space missions or leaked sensitive information.

Categories:
General
database

Confessions of a Paranoid IT Director

Posted April 6, 2011    Peter McCalister

Hi, my name is Betty, I’m an IT Director at a large utility company and it’s been 1 week since my VP of Software Development complained that security was locked down too tight to get anything done. (All together now) HI BETTY!

Categories:
General
Abstract clockwork

Do Systems Really Fail, Or the Over-Privileged People Running Them?

Posted April 5, 2011    Peter McCalister

According to a recent Symantec sponsored survey, system failure has replaced negligence as the single biggest source of data breach involving UK firms, for the third successive year. However, that depends on how you interpret the data.

Categories:
Privileged Account Management

Confessions of an Apathetic IT Director

Posted April 4, 2011    Peter McCalister

Hi, my name is Bob, I’m an IT Director at a mid-sized financial company and it’s been 11 months since my last insider attack…that I know of. (All together now) HI BOB!

Categories:
General
bigdata-98x98

Top Vulnerability Management Trending and Delta Reports

Posted April 1, 2011    Morey Haber

Every organization wants to know where they are going and where they have been.  Performing an analysis on the here and now only gives a snapshot that gives little perspective into how things have progressed or patterns for the future. For vulnerability assessment, many clients rely on delta reports to compare scan jobs and data…

Categories:
General, Vulnerability Management
PBSE

Who Controls Your Favorite Personal Computing Device?

Posted April 1, 2011    Peter McCalister

As a longtime Blackberry user I have been looking forward to the release of the Blackberry Playbook. With many of my colleagues using tablets, particularly iPads, I have been getting a little jealous of what they could do. So in addition to the excitement about RIM setting a release date I also noted the excitement about the announcement that the Playbook will support Android Apps.

Categories:
Vulnerability Management
shoe

The Cobbler’s Son Has No Shoes

Posted March 31, 2011    Peter McCalister

What happens when a top security company fails to implement a least privilege solution? Just look at what was reported about RSA to see what awaits you if you fail to implement a least privilege solution and someone hijacks credentials to steal information via Advanced Persistent Threat. Yep, the cobbler’s son does have NO SHOES.

Categories:
Privileged Account Management
eye in the sky_smaller-resized-600.jpg

Vulnerability Scanning From a Virtual Machine

Posted March 30, 2011    Morey Haber

Virtualization offers a wide array of benefits from power and environmental constraints to physical space limitations and disaster recovery efforts.  As leaders  for Unified Vulnerability Management, we realize these benefits offer a significant value  to our install base and we are in full support of virtualization for our solutions. Although virtualization is in many ways…

Categories:
Vulnerability Management
smartphone4-resized-600.jpg

BlackBerry Vulnerability – Where’s the Admin Privileges?

Posted March 30, 2011    Peter McCalister

If you haven’t read by now, at this year’s Pwn2Own hacker challenge that took place at CanSecWest in Vancouver last week, the iPhone and Blackberry were both hacked. Teams also demonstrated several vulnerabilities in browsers, macbooks and more.

Categories:
General
Team

3 Things Local Admins Can Do That They Shouldn’t

Posted March 29, 2011    Peter McCalister

Eliminating local admin rights from Microsoft Windows users is not just a nice thing you should do, but in fact a mandatory best practice for all of today’s enterprises wishing to stay secure and compliant.

Categories:
Privileged Account Management