John E Dunn
March 12th, 2014
The simple elevation of user and application privileges lies at the heart of many breaches.
We must hope that January’s huge data breach at Target will be a turning point in the history of data breaches. For the first time, businesses are starting to ask difficult questions – might the fact that one of the US retail sector’s most respected retailers can be breached with such ease not be telling us that something is profoundly wrong with enterprise security?
- November 19th, 2013
Edward Snowden’s data leakage at the NSA has certainly caused a ripple effect across the entire IT landscape, forcing organizations across all industries to take a closer look at their current security defenses. At the McAfee FOCUS conference in October this year, we conducted a survey to examine just how closely security professionals were rethinking their approaches to security as a result of the NSA incident. And just as important – if not more – was determining how many of those professionals were actually converting these attitudes to action.
- September 25th, 2013
User Account Control was a great idea but it has taken privilege management to fulfill its potential
How did computer security get into such a troubled and confused state? It’s a question security professionals must ask themselves on a daily basis as they face demands that threaten to explode budgets while offering no guarantee that any of the expensively-assembled defenses will actually work.
The roots of the malaise goes back to the early years of the millennium when enterprises and consumers using Windows 2000 and Windows XP were suddenly ambushed by waves of clever software attacks that warned the world that criminals had floored an evolutionary accelerator pedal. By the time XP and Windows received its first major security upgrade in the form of Service Pack 2 in 2004, it was becoming clear that security had entered an unsettling era that might take decades to play out.
- August 12th, 2013
Administrators, privileged network deities or just a type of ordinary network user much the same as anyone else? Years into an age where IT security has become a mainstream topic, this remains the sort of polarizing question that can provoke one of two reactions; shock or relief.
- August 7th, 2013
Privilege Guard’s UAC Replacement Extends to MSI Packages
For quite some time we have supported Windows Installer packages, empowering standard users to run MSI’s, MSU’s and MSP’s that would require administrator privileges to complete. This functionality is fundamental in most least privilege deployments, where power users are delegated the privilege of choosing their own productivity tools.
- August 2nd, 2013
Privilege Guard becomes the only privilege management solution to provide control of Windows Services
Services play an integral part of endpoint functionality – they are components of many desktop products, and almost all server implementations. On desktops, services run in the background across multiple user sessions, most commonly for products such as antivirus, firewalls and other security products. On servers, many roles function as services because of the performance and high availability requirements of applications in the datacenter.