BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The 3 Pillars of Desktop Vulnerability Protection

Posted April 26, 2011    Peter McCalister

Talking to many people last week about our 2010 Microsoft Vulnerability report, I realized just how much most people in IT underestimate the importance of properly limiting administrative privileges in protecting desktops for vulnerabilities. It’s certainly not because of a reduction in the risk from vulnerabilities. Our survey revealed that in 2009, Microsoft published nearly 75 security bulletins documenting and providing patches for nearly 200 vulnerabilities while in 2010 Microsoft published over 100 security bulletins documenting and providing patches for 256 vulnerabilities.

So in today’s environment good security requires using all possible means to deal with these threats Everyone understands the importance of good patch management and nervously awaits Microsoft’s release on patch Tuesday . Virus protection software is near universally deployed in enterprise and most SMB environments.

So what role does properly limiting administrative privileges play? Well, as important as patches and virus protection are they can’t address increasingly frequent zero day attacks. However, limiting the use of administrative privileges reduces the attack surface for malware and reduces their potential impact until a patch or virus detection signature is available. Our analysis showed that removing administrator rights will better protect companies against 64% of all Microsoft vulnerabilities reported in 2010 and 75% of Critical Windows 7 vulnerabilities reported by Microsoft to date
So if you are worried about the vulnerability of your desktops then use all three pillars of desktop protection – patch management, virus protection and implement a secure least privilege solution.

Leave a Reply

Additional articles

randy franklin smith

At the End of Day You Can’t Control What Privileged Users Do: It’s about Detective/Deterrent Controls and Accountability

Posted March 31, 2015    Randy Franklin Smith

Live Webinar: Thursday, April 2, 2015 | 10am PT/1pm ET | REGISTER NOW! In this webinar, Security Expert Randy Franklin Smith will look at how to audit what admins do inside Linux and UNIX with sudo’s logging capabilities.

Tags:
, ,
BA_Hacked

British Airways Executive Club Member Accounts Hacked

Posted March 30, 2015    Brian Chappell

British Airways has released information regarding the hacking of a number of their Executive Club (BA’s frequent flyer programme) member’s accounts.

Tags:
, , ,
webinar_ondemand

On Demand Webinar – Why You Still Suck at Patching

Posted March 27, 2015    Lindsay Marsh

On Demand Webinar: Dave Shackleford recounts some of his personal experiences in patch management failure, and breaks down the most critical issues holding many teams back from patching more effectively.

Tags:
,