BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The 3 Pillars of Desktop Vulnerability Protection

Posted April 26, 2011    Peter McCalister

Talking to many people last week about our 2010 Microsoft Vulnerability report, I realized just how much most people in IT underestimate the importance of properly limiting administrative privileges in protecting desktops for vulnerabilities. It’s certainly not because of a reduction in the risk from vulnerabilities. Our survey revealed that in 2009, Microsoft published nearly 75 security bulletins documenting and providing patches for nearly 200 vulnerabilities while in 2010 Microsoft published over 100 security bulletins documenting and providing patches for 256 vulnerabilities.

So in today’s environment good security requires using all possible means to deal with these threats Everyone understands the importance of good patch management and nervously awaits Microsoft’s release on patch Tuesday . Virus protection software is near universally deployed in enterprise and most SMB environments.

So what role does properly limiting administrative privileges play? Well, as important as patches and virus protection are they can’t address increasingly frequent zero day attacks. However, limiting the use of administrative privileges reduces the attack surface for malware and reduces their potential impact until a patch or virus detection signature is available. Our analysis showed that removing administrator rights will better protect companies against 64% of all Microsoft vulnerabilities reported in 2010 and 75% of Critical Windows 7 vulnerabilities reported by Microsoft to date
So if you are worried about the vulnerability of your desktops then use all three pillars of desktop protection – patch management, virus protection and implement a secure least privilege solution.

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,