BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Time for IT to Support–and Secure–the Mac

Posted November 9, 2011    Peter McCalister

It seems that the tides have changed again with regard to Macs in the workplace, as covered by the Apple 2.0 blog on CNN Money. As noted in the post, “Hell freezes over: Forrester urges IT to support the Mac,” A new report from Forrester Research, Inc. urges IT departments to depart from their old ways of banning Macs and to finally welcome them into the fold.

os lion

Why? Well, there are several reasons, but chief among them is that top workers in IT are using Macs more frequently, and it’s in a companies best interest to support their productivity. Forrester calls these users HEROs, or “Highly Empowered and Resourceful Operatives.” They are “the 17% of information workers who use new technologies and find innovative ways to be more productive and serve customers more effectively.”

When it comes to securing Macs, the first step is to ensure that users are logging in to their Macs with their directory credentials, which are centrally managed in Active Directory. This first step can be accomplished seamlessly using PowerBroker Identity Services – Open Edition. In less than 5 minutes, administrators can install the agent and have the users, or HEROs, logging in with their directory credentials.

Beyond authentication, there are many other resources available to secure Macs in the Enterprise. Some of these include full integration with Active Directory and extending “Group Policy” that treats Mac users like Mac users. One thing is certain–the percentage of Macs in the enterprise will only continue to grow. IT departments should welcome them but take the proper steps to maintain security and reduce insider threats.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,