Administrator Account Discovery
One of the most dangerous threats to IT security is abuse of privileged access. Preventing the exploitation of administrator privileges first requires knowledge of who has administrator access whether local or domain based. This is not only good practice, but also driven by many security …
Password Strength Standards
Password strength is a core component to many security standards. There are many different regulatory standards available to IT administrators that provide specific guidance for password strength. These standards include such as USGCB, FDCC, PCI-DSS and NERC. The password length, cycle time, and complexity requirements …
Security Monitoring with Application Whitelisting
Application whitelisting software is often perceived as an all-or-nothing approach to application security. Unfortunately, there is great benefit in using application whitelisting software to identify and monitor untrusted applications providing greater visibility into what is occurring in an enterprise. Application whitelisting is usually thought of …
Application Whitelisting Best Practices: Trusted Digital Certificates
Application whitelisting by digital certificates is an efficient method to trust applications that are digitally signed with one or more certificates. This method can make it easy for organizations to trust internally developed applications without having to individually add applications to a whitelist. It can …
Endpoint Security and the Australian DSD’s Top 4 Mitigating Strategies
At RSA’s 2013 Conference San Francisco last week, there were references to the Australia Defence Signals Directorate’s (DSD) top 4 mitigating strategies and their ability to protect against 85% of cyber intrusions. The top 4 strategies are worth considering to improve endpoint security in any …
Top 5 Reasons To Remove Administrator Rights
In previous articles, we discussed why users want administrator rights and why they need them. Now let’s explore why they shouldn’t have them. In today’s increasingly dangerous threat landscape, every organization’s security strategy should include the goal to remove administrator rights. Here are the reasons. …
Top 5 Reasons Why Users Need Administrator Rights
In the last blog article we discussed the top 5 reasons why users want administrator privileges. In this article we will discuss the top 5 reasons why a user actually NEEDS administrator rights. Here are the top 5 reasons: System Utilities: many of the control …
Top 5 Reasons Why Users Want Administrator Rights
Nobody likes to be restricted in their use of a computer, or think they are being limited because they don’t have administrator rights. Most users do not NEED administrator privileges, they just WANT them. So why do users want administrator privileges? Here are the top …
Cyberwar Has Arrived and There is No Turning Back
Cyberwar has begun or it began years ago. The past few weeks have included a flood of security news around compromised organizations and multiple serious security threats. We must now consider our online experience to occur in a combat zone and change our approach to …
Endpoint Security and Pain
Pain: we all feel it. Whether physical, financial, mental or otherwise, pain is a motivator like no other. I am recovering from shoulder surgery and see parallels to my decision to have the procedure and decisions to improve endpoint security. To summarize, nothing motivates like …