BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Slam Dunk

Post by Peter McCalister October 20, 2011

There aren’t many things in enterprise IT security that are easy enough to do to be called a slam dunk, but I may have one for you. A recent study of IT managers and network administrators conducted by Amplitude Research on behalf of VanDyke Software, shows a growing concern about insider threats, particularly unauthorized access by current and former employees.

Unauthorized access by current and former employees was cited by 11% of the survey respondents, as a reason cited network intrusions, the 4th most frequent response. When the same question was asked in 2010, only 6% of those who reported experiencing an intrusion had referred to unauthorized access by current / former employees.

We talk all the time about the risks and challenges of managing the insider threat. Unfortunately, good people do bad things. But former employees? That’s pretty easy to address. As close to a slam dunk as it gets in enterprise IT security.

So what’s the answer? It’s pretty basic. If you don’t give out root passwords and link all your privileged access to user IDs in Active Directory then it’s as simple as having a procedure to deactivate AD accounts when an employee leaves the company.

But what about my Linux and Unix boxes? That’s pretty straight forward as well. Use an Active Directory bridge product like PowerBroker Identity Services for seamless integration of Linux, UNIX, and Mac OS X with Microsoft Active Directory. As close to a slam dunk as it gets.

Leave a Reply

Additional articles

Vulnerability Expert Forum Highlights: April 2014

We had a great turnout for last week’s April 2014 Vulnerability Expert Forum (VEF) webcast. BeyondTrust Research experts, Carter and DJ, provided in-depth knowledge about the latest vulnerabilities and their potential impacts on network environments. Below are highlights from the Forum, plus an on-demand video of the presentation. Latest critical vulnerabilities, vendor patches, and zero-day…

Post by Chris Burd April 16, 2014
Tags:
, , , , ,
BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,

PowerBroker for Unix & Linux Now Available via Web Services

This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product.  With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API.  The Web Services interface implemented by BeyondTrust is an industry standard that…

Post by Paul Harper April 10, 2014
Tags:
, , , , ,