BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘least privilege’

Least Privilege on Windows Desktops and Servers

Posted February 13, 2014    Morey Haber

We have all seen the news. Least privilege attacks on the NSA and companies like Target have lead to elevated privileges on sensitive systems and access to confidential data. Securing administrative privileges on desktops and servers is beginning to take center stage for many organizations since low level entry points are now being used to…

Tags:
, , , ,
BT_Privilege Gone Wild Infograpic v1

Privilege gone wild! Our latest survey finds privileged users are out of control.

Posted October 22, 2013    Sarah Lieber

Did you know that 40% of employees have unnecessary access rights? What about that over 25% of employees admitted to having retrieved information not relevant to their job like financial, reports, salary info, HR and personnel docs? Now have I caught your attention? As our latest security survey proves, insider threats continue to be a…

Tags:
, , , , , , , , , , , ,
did you know

Did you know? Continuous Protection feature

Posted August 21, 2013    Morgan Holm

Did you know that the continuous protection feature in the PowerBroker Management Suite is unique in the market?  You may have heard it referred to as continuous recovery or continuous backup. What is it? – It’s like the undo feature found in MS Word but for Active Directory (AD). PowerBroker Auditor for Active Directory provides…

Tags:
, , , ,
PowerBroker-Events-Img2

Control Access and Reduce Risk

Posted June 14, 2013    Bill Virtue

In my last blog I discussed bringing the NOC and SOC closer together, providing IT Operations with tools that improve security. This week I’ll go into more specifics of the solution and show how PowerBroker for Windows is used by both IT Operations and Security Operations teams. The Challenge Supporting a security principle such as…

Tags:
, , , , , ,
NSA-breach

Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.

Posted June 13, 2013    Rod Simmons

When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to…

Tags:
, , , , , , , ,
IE-0day

Internet Explorer 8 0day

Posted May 6, 2013    BeyondTrust Research Team

Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…

Tags:
, , , , , , ,
Endpoint Solutions Families

Security Tools for IT

Posted April 30, 2013    Bill Virtue

There is still a divide between the Security Operations Center (SOC) and the Network Operating Center (NOC). Security Operations is more strategic following security best practices to improve corporate security posture (based on business risk) and to ensure implementation of security policies and compliance. While IT is focused on network management, infrastructure availability and SLAs…

Tags:
, , , , ,
lucy2

Least Privilege and South Korea

Posted March 26, 2013    BeyondTrust Research Team

No, this isn’t some editorial piece about the interrelationships of varying social strata in South Korean society and Gangnam Style. Despite how interesting that may be, we are instead taking a quick look at the latest “wiper” malware to strike fear in the hearts of CTOs and IT admins alike – DarkSeoul (or Jokra or…

Tags:
, , , ,
java_update_screen

Oracle’s Java Hates Least-Privilege

Posted March 8, 2013    Marc Maiffret

Recently, there has been a lot of commentary and discussions about what to do about the state of security and the seemingly endless attacks that we are facing. There are, of course, many recommendations that are being made at a governmental level of how best to approach this problem through the use of information sharing…

Tags:
, , ,
Hiding in plain sight

IT Security’s Best Kept Secret – Hiding in Plain Sight

Posted January 22, 2013    Mike Puterbaugh

This blog post was first posted on Wired.com on January 22nd, 2013. It can be found, in it’s original formatting, here: http://insights.wired.com/profiles/blogs/it-security-s-best-kept-secret-hiding-in-plain-sight               There’s a reason the old saying “an ounce of prevention is worth of a pound a cure” resonates in so many situations – because it’s true….

Tags:
, , , , , , ,