BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The University of Winchester Selects PowerBroker Desktops

Posted June 14, 2011    Peter McCalister

The University of Winchester is an educational institution in the United Kingdom with a strong heritage and innovatice teaching model. Their 5,900+ students enjoy educational challenges in 17 different departments at the hands of over 650 staff members.

With an environment consisting of predominantly students, the University found itself in an unusual IT situation. Over 1,500 Windows desktops operate over 7,000 user accounts: managing such a network is a large task! When you add in remote desktops and necessary applications that require admin rights to run, the conundrum increases significantly. While the University’s IT team understood that eliminating administrator rights would increase security and compliance, as well as decrease the risk of malware, it was a difficult endeavor to put in place. Because of the amount of users, as well as a large number of legacy applications requiring admin rights to run, the IT management team were unsure of how to manage the access rights while maintaing necessary productivity levels.

This is where BeyondTrust’s PowerBroker Desktops came in. The University of Winchester was first drawn to the solution from a webinar based on Desktop Standard. A year later, PowerBroker Desktops (then known as Privilege Manager) was evaluated and selected as the solution to satisfy security, compliance, and productivity. The biggest benefit was being able to lock down users while still allowing them to run all required applications.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,