Featured

Contributor:
Andrew Avanessian
June 24th, 2016

Does a younger board make for a more secure organization?

A recent survey conducted by the Financial Times (FT) revealed that just four FTSE 100 companies had board members under the age of 40. Though perhaps this is unsurprising when we think about a traditional corporate hierarchy, the implications of an older board that does not have the digital threat landscape at the top of their agenda could result in a security headache.

Continue Reading

Centralized management: ignore the user at your peril

Admins must immerse themselves in the complex world of the endpoint

Centralized management has been an everyday part of computing since the era of the mainframe and yet many decades on its design, operation and ultimate purpose is still undergoing a fascinating and restless evolution.

History should have ended with the mainframe: centralizing the management of computing resources was the natural order; simple, time-efficient, obviously cheaper and absolutely predictable. Then a bunch of clever people came up with the microprocessor and its revolutionary progeny, the personal computer, and centralization built on a simple top-down hierarchy was swept away.

Continue Reading


How a single rogue admin humbled Switzerland’s Intelligence Agency

So who guards the guards?

Here’s the scary thing about admins. They are hired to guard the security battlements, to be the keepers of the keys, and to pull an organization out of a hole when outsiders or employees do something inconvenient, unpleasant or worse. The job implies huge trust.

But what happens if an admin, to borrow military parlance, ‘goes rogue’? That it happens from time to time is well-established and yet most organizations remain almost defenseless against the threat posed by such a high-level insider attack.

Ask the Swiss Federal Intelligence Agency (NDB), which discovered earlier this year that one of its admins had become disaffected enough to siphon off terabytes (yes, terabytes) of top secret information with the hope of hawking it to the foreign intelligence services.

Continue Reading


Admin Rights – Your Achilles Heel

Whether a large enterprise or an SMB, every organization experiences IT hindrances that result in support calls to the help desk. Calls might span a variety of issues, from trouble downloading software to something as simple as connecting to a printer. At a glance, these issues seem to stand independently of each other, differing in nature, cause and solution. However, organizations should realize there is often an underlying basis that serves as their common root – admin rights. While this might not immediately stand out as a core weakness, admin rights might be considered the Achilles heel, where one slight misuse could bring the entire organization to its knees.

Continue Reading


Protecting Passwords with Least Privilege Security

Least privilege security and application whitelisting are all about protecting systems from unwanted change, but are also critical when it comes to protecting users’ credentials and domain admin passwords. While preventing key logging software from getting onto your systems is the most evident way these defenses might stop account credentials from being compromised, there are some less obvious advantages too.

Continue Reading


Unsecured PCs Can Put Your Critical Infrastructure at Risk

In an ideal world, critical IT systems should never rely on the security of lesser devices. But in practice, computer networks are complicated and many dependencies exist, some of which are more desirable than others, and eliminating all unwanted dependencies is a difficult task.

Continue Reading