Windows XP migration is a once in a generation opportunity.
What is it about Windows XP that has made getting rid of an obsolete operating system so difficult? On the face of it, it should be no contest; XP is inherently less secure than its successors, will no longer receive essential updates, cybercriminals target it more often, and it doesn’t even support the latest secure applications. These factors add up to higher support costs and risk. Continue reading
The lead up to Windows XP’s expiration is causing a frenzy among the many businesses that are still running on the retiring operating system. Recent statistics show that XP still represents more than 30 percent of market share; unfortunately, the infection rate is six times higher than that of Windows 8 and two times higher than Windows 7. This means that every day that passes once Windows XP support expires will bring new risks to businesses that haven’t upgraded. As a result, we’re increasingly seeing IT departments starting or completing their migrations to Windows 7 in order to prevent huge customer support costs and minimize their attack vectors and risks of downtime.
The simple elevation of user and application privileges lies at the heart of many breaches
We must hope that January’s huge data breach at Target will be a turning point in the history of data breaches. For the first time, businesses are starting to ask difficult questions – might the fact that one of the US retail sector’s most respected retailers can be breached with such ease not be telling us that something is profoundly wrong with enterprise security? Continue reading
There are many reasons why it’s a good idea to run without admin rights, but for a recent webinar by Avecto, I narrowed it down to my top 5 reasons why it’s important to do so.
You can hear more about these on the on-demand webinar and see real examples of ethical hacking, where I show you some actual scenarios of vulnerabilities in the Windows OS. Continue reading
Unconvinced about the importance of removing user admin rights? Read on for some compelling reasons why user privileges should be at the top of your security agenda in 2014. Continue reading
IT security doesn’t often get much love, from end users or system administrators. So in this post, I’m going to give you 5 reasons why you should embrace least privilege security with open arms on Valentine’s Day. Continue reading
Microsoft has announced that it will continue to provide updates to its anti-malware signatures and engine for Windows XP users until July 14th, 2015. But what does this really mean?
The end of support for the operating system as a whole is April 8th, 2014, and this extended security service isn’t enough to keep organizations secure. Continue reading
Target’s breach tells us the world still isn’t fixed.
The list of world-famous firms humbled by data breaches since 2007 makes sobering reading: Heartland, TK Maxx, the Sony PlayStation Network, Evernote, and now retailer Target are among a long list that have ended up with their expensively-tended brand names etched into data security history for the wrong reasons. Continue reading
Following the launch of PCI DSS 3.0 in January, I’ve been faced with questions from many businesses about changes they should implement within the next year to remain or become compliant with the updated mandate. Continue reading
What do the guidelines of PCI DSS, FDCC, SOX and HIPAA have in common? These mandates, in addition to other commonly implemented regulations, either explicitly demand or at least suggest the use of least privilege security to effectively safeguard data. In terms of compliance, this methodology has a dual benefit – not only does it satisfy auditors, but it will also protect against security breaches that could result in destructive data loss. Continue reading