Posted in Application Control, Desktop Lockdown, Least Privilege, Privilege Guard | Leave a comment

Security’s secret weapon is always visibility

Posted on May 17, 2013 by John Dunn

Privilege management can be a way of spotting an attacker’s footprints

Cyber-criminals are motivated, technically innovative and incredibly observant; it is a depressing and repeating pattern of the last decade that they have been able to zero in on important weaknesses when the defenders were either unaware these existed or just had their fingers crossed.

There are really only three ways to break into an organization digitally. You target a poorly-secured resource (e.g. a server left unguarded using a default login), attack an insecure or unpatched application, or try to undermine the end user with social engineering. All three serve as jumping off points to spider behind the firewall or intrusion prevention layer in search of further resources, data or users to target. Conceptually, cybercrime really is that simple.

Recent history tells us that the criminals have worked out the implications of this. Resources can eventually be secured by technological means but for applications it is much harder. For the user it might be almost impossible, which is why the user is usually where today’s attacks usually begin.

Continue reading

Posted in ePO, McAfee, Privilege Guard | Comments Off

Privilege Guard ePO Edition is Here!

Posted on April 23, 2013 by Kris Zentek

Today we are very pleased to announce the release of Privilege Guard ePO Edition, a brand new version tightly integrated with McAfee ePO which delivers comprehensive and scalable privilege management to all McAfee secured endpoints.

Since we released the McAfee ePO Integration Pack last year, we have been focused on extending our very successful partnership with McAfee, by building a complete solution within the ePO ecosystem.

We are really pleased with the end result, which showcases the strength of Avecto’s innovative approach to least privilege, married with the powerful ePO platform.

Scalable Management Architecture

McAfee ePO is proven to offer enterprise scalability, helping organizations to manage millions of desktops around the globe. Avecto customers can now take advantage of their existing ePO infrastructure to deploy and manage Privilege Guard on all of their McAfee secured endpoints.

Privilege Guard ePO Edition Architecture

Privilege Guard ePO Edition Architecture

Using the System Tree, the Privilege Guard Client is automatically deployed to the correct endpoints across LAN, WAN or web, leveraging the flexible administration options and robust security model offered by ePO.

Integrated Policy Management

A fully integrated management console allows you to create, deploy and update Privilege Guard policies using a consistent and familiar interface.

Integrated Policy Management

Integrated Policy Management

Policy creation can also be fully automated by importing rules and definitions directly from audited events or from a wide selection of templates, providing a slick workflow for quickly reacting to the ever-changing demands of desktop users and server admins.

The management console fully supports the import and export of policies from the Privilege Guard Group Policy Edition, for easy migration to and from Group Policy, or for standalone policy management via MMC.

Enterprise Auditing and Reporting

To complete the least privilege lifecycle, Privilege Guard ePO Edition includes a set of rich, interactive dashboards, providing centralized reporting on all privileged activity.

Enterprise Auditing & Reporting

Enterprise Auditing & Reporting

Events are collected directly from endpoints by the McAfee Agent and stored in a central database. Detailed information relating to elevated, blocked and discovered applications can be used to build and refine policies.

The extensible reporting architecture of McAfee ePO enables you to create customized dashboards to show holistic views of all endpoint security and privilege usage events for deeper forensic analysis.

To see Privilege Guard ePO Edition for yourself, register at avecto.com for an evaluation and take advantage of the leading privilege management solution.

For more information on Privilege Guard ePO Edition, check out our new datasheet.

 

Posted in Active Directory, ePO, Least Privilege, McAfee, Privilege Guard | Comments Off

Centralized management: ignore the user at your peril

Posted on April 23, 2013 by John Dunn

Admins must immerse themselves in the complex world of the endpoint

Centralized management has been an everyday part of computing since the era of the mainframe and yet many decades on its design, operation and ultimate purpose is still undergoing a fascinating and restless evolution.

History should have ended with the mainframe: centralizing the management of computing resources was the natural order; simple, time-efficient, obviously cheaper and absolutely predictable. Then a bunch of clever people came up with the microprocessor and its revolutionary progeny, the personal computer, and centralization built on a simple top-down hierarchy was swept away. Continue reading

Posted in Least Privilege, Privilege Guard, Regulatory Compliance | Comments Off

New regulation for financial institutions calls for least privilege implementation

Posted on March 28, 2013 by Russell Smith

Singapore’s central bank, The Monetary Authority of Singapore (MAS), is preparing to issue new guidelines for IT technology risk management that will replace its previous Internet Banking Technology Risk Management (IBTRM) guidelines, last updated in June 2008. MAS acts on behalf of the government to regulate financial institutions operating in Singapore. What is even more interesting is that a large number of international banking organizations are using MAS as their compliance foundation for a risk management framework. Continue reading

Posted in Least Privilege, Regulatory Compliance | Comments Off

Singapore puts privilege management on the map

Posted on March 25, 2013 by John Dunn

An apparently small change in one authority could have important implications for financial services

If you haven’t heard of the new Technology Risk Management (TRM) guidelines issued quietly by the Monetary Authority of Singapore (MAS), this is a good moment to ponder the way that apparently small regulatory changes in distant corners of the world can suddenly ripple across global IT security as if from nowhere.

On the face of it, Singapore’s TRM is a dry-sounding refresh of banking and financial sector risk management guidelines, the most recent version of which dates back to 2008. Back then things were bad enough as corporate security was beset by unfamiliar and unnerving uncertainties; five years and a long list of data breaches, bank Trojans and targeted DDoS attacks later and the word ‘crisis’ seems nearer the mark. The overhauled MAS guidelines are the city state’s reaction to that darkening landscape. Continue reading

Posted in Application Control, Desktop Lockdown, Least Privilege, Privilege Guard, Regulatory Compliance | Comments Off

Government leads the way in security compliance

Posted on March 21, 2013 by Russell Smith

Computer security is a field where the goal posts are constantly moving, as malware morphs in an attempt to outsmart the defenses you put in place. While security professionals have recognized for a long time that unwanted software, often in the form of Trojans and worms usually installed by users when tricked by some form of social engineering, presents the biggest risk to security, it’s only now that compliance mandates are catching up and being developed using real-world attack data.

Australia’s Department of Defense Intelligence Agency produced a report of mitigation strategies using research on attacks carried out in 2010, and later updated in 2011. It concluded that 85 per cent of attacks could have been prevented if its top 4 recommendations had been followed. These top 4 recommendations are known as the security ‘sweet spot’: Continue reading

Posted in ePO, Least Privilege, McAfee, Privilege Guard | Comments Off

Info Security Products Guide Global Excellence Award Builds on a Successful First Half of Fiscal Year 2013

Posted on March 13, 2013 by Paul Kenyon

We are thrilled to announce that we’ve been honored for the second year in a row by Info Security Products Guide, which recently named our Privilege Guard a Silver winner of the 2013 Global Excellence Awards in the Identity Management category. We are pleased to again be recognized by the esteemed awards for our leadership in the least privilege management sector.  It is our goal to continue providing deep visibility and control over corporate desktops and servers, enabling enterprises to strike the balance of user empowerment with corporate security. Continue reading

Posted in Application Control, AppLocker, Least Privilege, Privilege Guard | Comments Off

How Effective are Your Defenses?

Posted on March 11, 2013 by Russell Smith

Keeping malware off your network is like a never-ending game of space invaders, except that you need more than one weapon to ward off criminals from cyberspace. But deploying the right security solutions in the right places is crucial if your lines of resistance are to be effective.

A report published in November 2012 by NSS Labs, Cybercrime Kill Chain vs. Defense Effectiveness – subversion of layered security, analyses the effectiveness of security systems, concluding that many attacks successfully penetrate layered security defenses. Network edge firewalls, intrusion protection systems (IPS), endpoint protection suites/antivirus and browser protection, as commonly deployed by large organizations, all fail to live up to expectations. Continue reading