Monthly Archives: December 2012
- December 24th, 2012
A great song writer once wrote “So this is Christmas and a Happy New Year…”* and now is the time to wish everyone Seasons’ Greetings from all of us at Avecto.
One of the topics of discussion round the office this past week has been family Christmas traditions. And with the European team in town for our festive party it’s been really interesting to hear how our colleagues celebrate. One of my family traditions is to have a discussion (usually quite heated) on what we want to do in the incoming year and decide what has been the one thing each one of us is most proud of achieving in the previous year.
- December 20th, 2012
IT departments are often met with employee demand for unrealistic levels of service and autonomy. This can be especially problematic when migrating to a least privilege environment. There are, however, steps that can be taken to communicate and convey the benefits of least privilege, reducing friction between end users and the IT department.
- December 17th, 2012
So who guards the guards?
Here’s the scary thing about admins. They are hired to guard the security battlements, to be the keepers of the keys, and to pull an organization out of a hole when outsiders or employees do something inconvenient, unpleasant or worse. The job implies huge trust.
But what happens if an admin, to borrow military parlance, ‘goes rogue’? That it happens from time to time is well-established and yet most organizations remain almost defenseless against the threat posed by such a high-level insider attack.
Ask the Swiss Federal Intelligence Agency (NDB), which discovered earlier this year that one of its admins had become disaffected enough to siphon off terabytes (yes, terabytes) of top secret information with the hope of hawking it to the foreign intelligence services.
- December 14th, 2012
A recent whitepaper published by Microsoft describes an attack known as Pass-the-Hash (PtH), which has become a common attack vector for credential theft. A PtH attack is where an attacker captures account logon credentials, but instead of capturing the clear text password, the attacker captures the password hash, which can then be re-used to logon to network services, because the password hash is an unsalted MD4 hash.
I’m not going to go into too much depth in this post, as the whitepaper provides comprehensive information on these attacks, which I highly recommend you read – Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques
- December 6th, 2012
A privilege management solution needs to do much more than simply manage user and application privileges for it to be adopted by the most demanding organizations. The Privilege Guard (Edit: now Defendpoint) solution has been architected around 4 key principles (or pillars), with every new release of Privilege Guard building on these core foundations.