All posts by Russell Smith

5 reasons to love least privilege security

IT security doesn’t often get much love, from end users or system administrators. So in this post, I’m going to give you 5 reasons why you should embrace least privilege security with open arms on Valentine’s Day.


Don’t fall victim to Privilege Creep!

Don’t let privilege creep be the downfall of a project to secure your company’s IT systems.

What is Privilege Creep?

Despite the work Microsoft has done to make Windows easier to run with standard user access, some Windows features and legacy applications still require administrative privileges. When users experience an issue, the first step that the helpdesk often takes is to grant administrative privileges to check that the problem isn’t caused by a lack of access rights.

Even if the problem turns out not to be caused by standard user permissions, administrative privileges are often deliberately left in place so that the user doesn’t continue to call the helpdesk, or the privileges are simply forgotten and never removed. This phenomenon of moving from standard user privileges to administrative rights is referred to by system administrators as privilege creep.


New regulation for financial institutions calls for least privilege implementation

Singapore’s central bank, The Monetary Authority of Singapore (MAS), is preparing to issue new guidelines for IT technology risk management that will replace its previous Internet Banking Technology Risk Management (IBTRM) guidelines, last updated in June 2008. MAS acts on behalf of the government to regulate financial institutions operating in Singapore. What is even more interesting is that a large number of international banking organizations are using MAS as their compliance foundation for a risk management framework.


Government leads the way in security compliance

Computer security is a field where the goal posts are constantly moving, as malware morphs in an attempt to outsmart the defenses you put in place. While security professionals have recognized for a long time that unwanted software, often in the form of Trojans and worms usually installed by users when tricked by some form of social engineering, presents the biggest risk to security, it’s only now that compliance mandates are catching up and being developed using real-world attack data.

Australia’s Department of Defense Intelligence Agency produced a report of mitigation strategies, based on research on attacks carried out in 2010 and later updated in 2011. It concluded that 85 per cent of attacks could have been prevented if its top 4 recommendations had been followed. These top 4 recommendations are known as the security ‘sweet spot’:


How Effective are Your Defenses?

Keeping malware off your network is like a never-ending game of space invaders, except that you need more than one weapon to ward off criminals from cyberspace. But deploying the right security solutions in the right places is crucial if your lines of resistance are to be effective.

A report published in November 2012 by NSS Labs, Cybercrime Kill Chain vs. Defense Effectiveness – subversion of layered security, analyses the effectiveness of security systems, concluding that many attacks successfully penetrate layered security defenses. Network edge firewalls, intrusion prevention systems (IPS), endpoint protection suites/antivirus and browser protection, as commonly deployed by large organizations, all fail to live up to expectations.
