BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

President Obama Endorses Least Privilege

Posted October 17, 2011    Peter McCalister

We have showed that the insider threat is significant in this blog for the last 2 years and have even pointed out recently that it made the Wall St Journal among other well respected publications. But, when President Obama aims to stop WikiLeaks-style disclosures, then least privilege has really come of age.

That’s correct, President Obama “Establishes Insider Threat Task Force” according to GovINfoSecurity.com. The article goes on to report “President Obama issued an executive order Friday [Oct 7, 2011] that establishes an Insider Threat Task Force to prevent potentially damaging and embarrassing exposure of government secrets, such those made public by WikiLeaks.” The article then goes on to say “The White House, in a statement accompanying the executive order, said its strategic importance is to ensure the government provides adequate protections to its classified information while at the same time sharing the information with all who reasonably need it to do their jobs.”

Thea article concludes with “In addition, the administration said it sought to ensure that policies, processes, technical security solutions, oversight and organizational cultures evolve to match its information sharing and safeguarding requirements. The administration, in developing the executive order, also said it sought to respect privacy and civil rights and emphasize that effective and consistent guidance and implementation must be coordinated across the entire government. “We are only as strong as our weakest link and this is a shared risk with shared responsibility,” the White House statement said.”

It’s about time the White House is catching up with ideas we have been educating the world on for years. Establishing a Least Privilege environment is the first step to achieving an IT environment whereby everyone can still be productive while being secure and the ability to intentionally, accidentally or indirectly misuse privilege is mitigated. Read about how you can implement this here.

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,