BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Security from Data Breaches Start from Within

Posted March 22, 2012    Peter McCalister

Keeping the bad guys out is what comes to mind for a lot of us when we think of securing our companies’ IT environment. And to be honest, this mindsit might very well be the reason we hear about so many data breaches. Companies are getting hit with breach and breach of sensitive information despite the best firewall systems and anti-malware software available. And the reason? The security focus is not in the right place. While keeping intruders out is important, keeping the liabilities and risks (read: people) inside your company at bay is far more critical. It’s no wonder breaches and leaks are still occuring- unmonitored and unmanaged users are running around our organizations with access to sensitive information. If you haven’t already started examining how to keep your information safe from the inside out, it’s time to make it a priority.

According to Mark Diodatti of Gartner, “organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.” It would make sense, then, to allocate appropriate budget and resources to projects surrounding the primary attack point. Technologies like Anti-virus, firewalls, intrustion detection and prevention, email security, and web security are obviously important. Billions of dollars are spent each year in security budget to secure the outside perimeter from hostile intent…and I’m not saying that’s a bad thing. It just seems to me that more focus should be allocated to the primary point of attack. With the majority of organizations still struggling with excessive user privileges, it’s clear priorities aren’t jiving with needs.

Now, more than ever, there is a strong need to evaluate the security inside our environments. Ensuring privilege identity management as well as data security and leak prevention are becoming corporate “need-to-haves” in order to prevent the insider threat from effecting your organization. Click here to learn how to get started.

Leave a Reply

Additional articles

skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Tags:
, ,
AHHA_PRO.LOGO

Privileged Account Management – Another AH-HA in Cyber Security

Posted June 25, 2015    Nigel Hedges

I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…

Tags:
, ,