BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Security from Data Breaches Start from Within

Posted March 22, 2012    Peter McCalister

Keeping the bad guys out is what comes to mind for a lot of us when we think of securing our companies’ IT environment. And to be honest, this mindsit might very well be the reason we hear about so many data breaches. Companies are getting hit with breach and breach of sensitive information despite the best firewall systems and anti-malware software available. And the reason? The security focus is not in the right place. While keeping intruders out is important, keeping the liabilities and risks (read: people) inside your company at bay is far more critical. It’s no wonder breaches and leaks are still occuring- unmonitored and unmanaged users are running around our organizations with access to sensitive information. If you haven’t already started examining how to keep your information safe from the inside out, it’s time to make it a priority.

According to Mark Diodatti of Gartner, “organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.” It would make sense, then, to allocate appropriate budget and resources to projects surrounding the primary attack point. Technologies like Anti-virus, firewalls, intrustion detection and prevention, email security, and web security are obviously important. Billions of dollars are spent each year in security budget to secure the outside perimeter from hostile intent…and I’m not saying that’s a bad thing. It just seems to me that more focus should be allocated to the primary point of attack. With the majority of organizations still struggling with excessive user privileges, it’s clear priorities aren’t jiving with needs.

Now, more than ever, there is a strong need to evaluate the security inside our environments. Ensuring privilege identity management as well as data security and leak prevention are becoming corporate “need-to-haves” in order to prevent the insider threat from effecting your organization. Click here to learn how to get started.

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,