BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Speaking of Human Nature, Desktop Computing And Least Privilege

Posted October 10, 2011    Peter McCalister

Indeed, people are known to behave differently inside and outside of the office, where the culture is different. Lines between professional and home life become blurred, and people take the suit off at home, log in in their shorts, but that doesn’t mean they should take their corporate hat off, as well. But what is the answer? Eliminating administrator rights without allowing for the elevation of certain job-necessary privileges is not the answer. Locking down a system is like asking everyone to raise his or her hand to go to the bathroom, – it shows the downside of mistrusting human nature.

Trust is not a value that can be applied in a fixed dose; it has to be measured to meet the needs of the individual’s role. Trust is a medicine that has to be applied carefully in prescribed doses based on role, policy and circumstance. Just as you shouldn’t just gulp down an entire prescription when leaving the pharmacy assuming it will cure the problem in one go, so to you can’t just apply blanket privileges to users throughout your organization and expect that to solve your potential insider breach problem.

If you’ve read the marketing propaganda delivered by most operating system vendors, you have seen that they would like you to believe that their latest version will solve every problem known to exist just short of world hunger and world peace in the process. It behooves you therefore to be aware of many glaring gaps that Windows exposes in privileged identity management.

Leave a Reply

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,