BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Top 5 Data Breach Excuses Of 2011 (And What They Really Mean): Part 1

Posted January 3, 2012    Peter McCalister

SADLY, IT’S NOT POSSIBLE TO TRUST ALL PEOPLE ALL OF THE TIME – Gwent Police, Wales, UK, May 2011

This is one of the more favored excuses used by organizations who prefer to show some attrition for taking their eye off the ball for a few days, months, years,… (fill in the blank) later.

In this case Gwent Police announced in May that 7 employees had been internally disciplined and one dismissed over the last three years for breaches of the Data Protection Act. Campaigning group Big Brother Watch said that the figures, obtained under the Freedom of Information Act, showed four of those internally disciplined were police officers. All the cases were due to staff members viewing information on internal police computer systems, said Gwent Police, between May 2008 and May 2011.
The databases breached included the force’s intelligence system and the incident logging system. A Gwent Police spokeswoman said our computerized systems have stringent checking facilities in place to ensure as much as possible that only appropriately risk assessed staff members can view them,” she said.

“When there are breaches or potential breaches, they are investigated and dealt with in the most effective way and lessons are learned to ensure that risks are minimized.”

BeyondTrust says: “Sadly, eating humble pie, doesn’t account for the fact that even with the most stringent employee vetting processes in place, you can’t always rely on Trust alone, when it comes to mitigating insider threat. At all times, privileged access must be elevated dependent on each employees job role, as opposed to their rank, and even then, only when that employee needs such access.”

Leave a Reply

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,