BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
hands

Top 10 Reasons Good People Do Bad Things Without Least Privilege

Posted March 23, 2011    Peter McCalister

In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space… the Top 10 Reasons Good People Do Bad Things Without Least Privilege are:

Categories:
General
mdalogo-250

MD Anderson Selects PowerBroker for Servers

Posted March 22, 2011    Peter McCalister

The University of Texas M.D. Anderson Cancer Center is a world-leading intitution for cancer treatment. In 2008 alone, the facility cared for nearly one million people, and it supports a faculty and staff of both MDs and PhDs numbering over 20,000. Their IT network is based on a powerful and secure Unix infrastructure, and includes over 500 servers that house confidential patient and financial information.

Categories:
General
pillars

Top VM Reports for Government

Posted March 21, 2011    Morey Haber

In continuing the series on top reports for vertical markets, this blog will focus on reports that help government entities at the state, local, and federal levels. Like any vertical, having reports that are dedicated to the mandates and requirements that matter to the organization are critical. It is not only about which vulnerabilities are…

Categories:
Vulnerability Management
Tags:
, , , ,
Accidental Harm

Why Do You SUDO The Way You Do?

Posted March 21, 2011    Peter McCalister

In the land of Unix and Linux systems administration, nothing seems to elicit such polar love and hate as does the use of SUDO for root rights elevation.

Categories:
Vulnerability Management
realnetworks

RealPlayer IVR File Remote Code Execution

Disclosed March 21, 2011    Fully Patched
Vendors: RealNetworks
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
vistaprint-logo-02

VistaPrint Uses PowerBroker Desktops to Improve Security

Posted March 18, 2011    Peter McCalister

VistaPrint is an online supplier of high-quality graphic design services and customized print products. They have over seven million customers and operate 17 localized websites in over 120 countries. The company is known for their standardized design and printing process, as well as the significantly reduced costs for their customers. VistaPrint has Windows Active Directory installed, operates a customer service center, and 400 end-users running Windows XP.

Categories:
General
guy laptop

Back to Least Privilege Basics

Posted March 17, 2011    Peter McCalister

Least Privilege is something we’ve talked about before, and odds are good we’ll talk about it again. The reason it keeps coming up is because it’s important! It’s the key to securing Windows desktops, and it’s fundamental in the protection of root access.

Categories:
Privileged Account Management
ipad pic

The Privilege To Roaming Access Comes With Responsibilities

Posted March 16, 2011    Peter McCalister

We’re big fans of Apple’s iPad. How can you not like them? Svelte, sleek and slick in execution.

Categories:
General
sticky

Automating Configuration Auditing

Posted March 15, 2011    Morey Haber

????????I want to discuss a rather simple use case with my readers that until recently, had a rather complex solution. Consider you are a major airline, corporation, or even a local government with thousands of systems that should be identical from a configuration perspective. These could be airline check-in kiosks, a call center handling support calls,…

Categories:
Privileged Account Management
Tags:
, , , , , , , , ,
Good-better-best

4 Bad Habits to Kick for IT Security

Posted March 15, 2011    Peter McCalister

Isn’t it amazing how easy it is to adopt bad habits? The crazy thing is that no one is immune- they plague each and every one of us. Whether we were taught incorrect practices or are just looking for shortcuts to make our lives/jobs/situations easier, each of us yields to poor patterns at some point in our lives.

Categories:
Vulnerability Management