BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Uncontested Lay Up

Post by Peter McCalister October 27, 2011

Last week talked about the basics of how you can address the risk of insider attacks from former employees. A recent study of IT managers and network administrators conducted by Amplitude Research on behalf of VanDyke Software, shows a growing concern about insider threats, particularly unauthorized access by current and former employees. Unauthorized access by current and former employees was cited by 11% of the survey respondents, as a reason cited network intrusions, the 4th most frequent response.

Using an Active Directory bridge product like PowerBroker Identity Services for seamless integration of Linux, UNIX, and Mac OS X with Microsoft Active Directory allows you to cut off privileged access to key systems by deactivating AD accounts when an employee leaves the company. As close to a slam dunk as it gets in enterprise IT security.

This week I did a webcast with our friends at Symplified on cloud security. We talked about the many complexities and challenges of security in the cloud, but they also provide a simple to implement solution to another challenge with former employees – access to SAAS applications.

Symplified allows you to link your or other user stores like LDAP to provide single sign on and making de-provisioning of former employees from those apps part of your normal account deactivation procedure. Not quite slam dunk, but an uncontested layup.

Leave a Reply

Additional articles

BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,

PowerBroker for Unix & Linux Now Available via Web Services

This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product.  With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API.  The Web Services interface implemented by BeyondTrust is an industry standard that…

Post by Paul Harper April 10, 2014
Tags:
, , , , ,

Heartbleed – When OpenSSL Breaks Your Heart

You’ve likely heard about the recent OpenSSL vulnerability, CVE-2014-0160, dubbed Heartbleed. The main takeaway of this vulnerability is that attackers can use this to obtain things like secret keys used for X.509 certificates, user names and passwords, instant messages, emails, and other highly sensitive information. For a technical analysis of the bug, check out this…

Post by BeyondTrust Research Team April 8, 2014
Tags:
, , ,