BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

President Obama Endorses Least Privilege

Posted October 17, 2011    Peter McCalister

We have showed that the insider threat is significant in this blog for the last 2 years and have even pointed out recently that it made the Wall St Journal among other well respected publications. But, when President Obama aims to stop WikiLeaks-style disclosures, then least privilege has really come of age.

That’s correct, President Obama “Establishes Insider Threat Task Force” according to GovINfoSecurity.com. The article goes on to report “President Obama issued an executive order Friday [Oct 7, 2011] that establishes an Insider Threat Task Force to prevent potentially damaging and embarrassing exposure of government secrets, such those made public by WikiLeaks.” The article then goes on to say “The White House, in a statement accompanying the executive order, said its strategic importance is to ensure the government provides adequate protections to its classified information while at the same time sharing the information with all who reasonably need it to do their jobs.”

Thea article concludes with “In addition, the administration said it sought to ensure that policies, processes, technical security solutions, oversight and organizational cultures evolve to match its information sharing and safeguarding requirements. The administration, in developing the executive order, also said it sought to respect privacy and civil rights and emphasize that effective and consistent guidance and implementation must be coordinated across the entire government. “We are only as strong as our weakest link and this is a shared risk with shared responsibility,” the White House statement said.”

It’s about time the White House is catching up with ideas we have been educating the world on for years. Establishing a Least Privilege environment is the first step to achieving an IT environment whereby everyone can still be productive while being secure and the ability to intentionally, accidentally or indirectly misuse privilege is mitigated. Read about how you can implement this here.

Leave a Reply

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,