February 1st, 2016
In a previous blog I discussed why it is important to focus on the endpoint first when it comes to security. This generated some really interesting discussions with people arguing the case for product X and Y or asking “what about detection on the endpoint?”
- July 3rd, 2013
Don’t let privilege creep be the downfall of a project to secure your company’s IT systems.
What is Privilege Creep?
Despite the work Microsoft has done to make Windows easier to run with standard user access, some Windows features and legacy applications still require administrative privileges. When users experience an issue, the first step that the helpdesk often takes is to grant administrative privileges to check that the problem isn’t caused by a lack of access rights.
Even if the problem turns out not to be caused by standard user permissions, administrative privileges are often deliberately left in place so that the user doesn’t continue to call the helpdesk, or the privileges are simply forgotten and never removed. This phenomena of moving from standard user privileges to administrative rights is referred to by system administrators as privilege creep.
- December 17th, 2012
So who guards the guards?
Here’s the scary thing about admins. They are hired to guard the security battlements, to be the keepers of the keys, and to pull an organization out of a hole when outsiders or employees do something inconvenient, unpleasant or worse. The job implies huge trust.
But what happens if an admin, to borrow military parlance, ‘goes rogue’? That it happens from time to time is well-established and yet most organizations remain almost defenseless against the threat posed by such a high-level insider attack.
Ask the Swiss Federal Intelligence Agency (NDB), which discovered earlier this year that one of its admins had become disaffected enough to siphon off terabytes (yes, terabytes) of top secret information with the hope of hawking it to the foreign intelligence services.
- December 22nd, 2011
Bradley Manning – the Private who’s accused of downloading 110,000 U.S. State Department cables to his PC, copying them to a removable drive and then passing the information to Wikileaks – has been in the news again this week as his trial begins. The incident highlights a massive security failing by the U.S. military.
In the first instance, Manning’s ability to view classified data that he had no need to access, and secondly the capability to copy the information undetected from his workstation. While a somewhat extreme case of the unpleasant consequences desktop privileges can have for an employee, I recently stumbled across a post in an IT forum that demonstrated a similar problem – but in the corporate world.
- November 23rd, 2011
Microsoft’s Security Intelligence Report (SIR) v10, published in May this year, revealed figures that show Windows 7 is the company’s most secure operating system, reporting that the OS suffered fewer security incidents per 1000 computers than any other supported version of Windows in 2010. Windows 7 64-bit edition had 2.5 infections per 1000 computers, with 32-bit Windows 7 coming in at 3.8. This compared to 15.9 infections for Windows XP SP3 and 19.3 for XP SP2.
- October 26th, 2011
Active Directory (AD) is the core of a Windows Server network and consists of a database that stores usernames and passwords, plus several technologies that work together to provide security and management services to clients and servers. Domain controllers (DCs) are servers that host a copy of the AD database and run related services.