Monthly Archives: July 2013
- July 19th, 2013
Bad privilege management is as dangerous as none
Utilizing tools native to the operating system to convert Windows networks to an environment in which administrator-level privileges are the justified exception rather than the rule is often mistakenly seen as a discrete destination when it is really part of a long, ongoing, complicated journey.
It’s an easy mistake to make. Many organizations find themselves simultaneously running up to three significant generations of Windows; XP, Windows 7 and Windows 8, plus one or two way points in between such as Vista and Service Packs. Each one of these comes with slightly different ways to manage standard and administrator accounts. These include the evolving controls in User Account Control (UAC) and related technologies such as XP’s prototype whitelisting Software Restriction Policies (SRP) and 7′s AppLocker.
- July 9th, 2013
64% of IT security professionals believe malware incidents to be a significant reason for the increase in IT operating expenses (2013 State of The Endpoint, Ponemon)
Today’s malware is increasingly sophisticated, taking advantage of normal user behavior to gain a foothold within your organization. Web browsers, media plugins, Java exploits and removable media are amongst the most common vectors of introduction and each of these require an unknowing user at the keyboard to access the ‘trojan’ content.
- July 3rd, 2013
Don’t let privilege creep be the downfall of a project to secure your company’s IT systems.
What is Privilege Creep?
Despite the work Microsoft has done to make Windows easier to run with standard user access, some Windows features and legacy applications still require administrative privileges. When users experience an issue, the first step that the helpdesk often takes is to grant administrative privileges to check that the problem isn’t caused by a lack of access rights.
Even if the problem turns out not to be caused by standard user permissions, administrative privileges are often deliberately left in place so that the user doesn’t continue to call the helpdesk, or the privileges are simply forgotten and never removed. This phenomena of moving from standard user privileges to administrative rights is referred to by system administrators as privilege creep.