January 12th, 2015
Just like fashion, malware goes through trends and comebacks, so let’s take a look at what’s ‘in’ this season. Anyone involved in IT in the 1990′s will remember a few things; plaid shirts, floppy disks and macro viruses. Although I can’t envisage the former two making a comeback any time soon, macros are definitely back on the InfoSec agenda, something Microsoft has been highlighting recently.
- December 18th, 2013
Imagine an OS without security updates, hotfixes or support – being stuck in a world of perpetual zero days in what would effectively be open season for cybercriminals. Come April 8th 2014, this is exactly what many organizations will be facing as Microsoft withdraws it’s free support for the hugely popular Windows XP operating system.
- July 19th, 2013
Bad privilege management is as dangerous as none
Utilizing tools native to the operating system to convert Windows networks to an environment in which administrator-level privileges are the justified exception rather than the rule is often mistakenly seen as a discrete destination when it is really part of a long, ongoing, complicated journey.
It’s an easy mistake to make. Many organizations find themselves simultaneously running up to three significant generations of Windows; XP, Windows 7 and Windows 8, plus one or two way points in between such as Vista and Service Packs. Each one of these comes with slightly different ways to manage standard and administrator accounts. These include the evolving controls in User Account Control (UAC) and related technologies such as XP’s prototype whitelisting Software Restriction Policies (SRP) and 7′s AppLocker.
- July 3rd, 2013
Don’t let privilege creep be the downfall of a project to secure your company’s IT systems.
What is Privilege Creep?
Despite the work Microsoft has done to make Windows easier to run with standard user access, some Windows features and legacy applications still require administrative privileges. When users experience an issue, the first step that the helpdesk often takes is to grant administrative privileges to check that the problem isn’t caused by a lack of access rights.
Even if the problem turns out not to be caused by standard user permissions, administrative privileges are often deliberately left in place so that the user doesn’t continue to call the helpdesk, or the privileges are simply forgotten and never removed. This phenomena of moving from standard user privileges to administrative rights is referred to by system administrators as privilege creep.
- June 25th, 2013
How you could reduce the cost of downtime by 70%
“Organizations which have a one size fits all approach to PC lock-down will have a higher TCO than organizations that optimize their policies based on user needs” (Gartner)
Optimizing desktop and server security may seem to have little to do with your organization’s profit and loss, share price and bottom line, but going beyond anti-virus protection can have a significant impact on user productivity and total cost of ownership.
- June 20th, 2013
In an era where 67% of security professionals believe that they do not have ample resource to minimize IT endpoint risk throughout their organization (2013 State of the Endpoint, Ponemon), it has never been more crucial that the IT security projects you prioritize deliver maximum return on investment as well as exceptional security benefits.
Within their 2013 desktop total cost of ownership (TCO) study, research from Gartner continues to advocate the movement of organizations towards a ‘locked and well managed’ environment with respect to user privilege. The cost profile associated with this landscape is coveted by global organizations as it results in TCO savings of almost 30% against a ‘moderately managed’ environment; that’s $1,264 per desktop per year.