BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Securing the Perimeter Within

Posted April 18, 2011    Peter McCalister

Now that we’ve exhausted securing the network and IT resources from outsiders, it’s time to look at a different perimeter and ensure that insider threats don’t pose a problem for today’s enterprise.

According to Mark Diodatti of the Gartner Group” Organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.”  And according to a SearchSecurity.com article, “Security spending survey finds misaligned IT security budgets“, it seems that the focus on where the real threat is inside an organization isn’t matched to where the budget is being spent.

We heard and read enough about metaphorical “Guns, Gates and Guards” protecting organizations from hostile outsiders.  Technologies like Anti-virus, firewalls, intrusion detection & prevention,email security and web security have commanded $billions in security budget to secure the outside perimeter from hostile intent.  But what about the “perimeter within”?  What about insider threat?  According to the latest Poneman Study, insider breaches “now cost companies $7.2 million per data breach event.”

This now creates an even stronger need to evaluate the perimeter within.  Ensuring privilege identity management as well as data security and leak prevention are becoming corporate “need to haves” in order to prevent the insider threat from effecting your organization.  If you have questions about your “perimeter within” then contact BeyondTrust today.

Leave a Reply

Additional articles

Cavalancia-Headshot - Medium

Protecting Privileged Passwords: a “Past the Password” Perspective

Posted July 6, 2015    Nick Cavalancia

Webinar discussing the realities of today’s state of security using some of the most recent (and respected) reports in the industry, and look at what steps you should be taking to properly protect your privileged passwords.

Tags:
,
webinar 2

On Demand Webinar: Because Auditing Stinks Sometimes

Posted July 2, 2015    Lindsay Marsh

Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…

Tags:
, , , ,
skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Tags:
, , , , ,