Category Archives: Least Privilege
Mitigating Advanced Malware Attacks with Least Privilege
Targeted malware attacks and Advanced Persistent Threats (APTs) are making malware detection and removal much more challenging. It is common knowledge that good security requires a defense-in-depth strategy, as no single solution can provide adequate protection from malware. Traditional approaches …
SMEs are not immune to targeted hacking
Security can be a hard sell, and that’s particularly true in small and medium-sized organizations (SMEs). A study of threat awareness, carried out by Symantec in 2011, shows that though some SMEs are aware of the security risks posed …
Self-Provisioned Software Installation with Privilege Guard
In addition to elevating the rights of privileged applications and administrative tasks, Privilege Guard can empower users to install approved software. Although most organizations will have some form of centralized software distribution in place, packaging every application for distribution is …
Welcome to RSA 2012 – and the world of 2012 cybersecurity defences
With the RSA Security Conference now upon us in the US – and with a welter of really interesting announcements coming out of the San Francisco event – I was intrigued to read a guest column from Art Coviello, the …
Unsecured PCs Can Put Your Critical Infrastructure at Risk
In an ideal world, critical IT systems should never rely on the security of lesser devices. But in practice, computer networks are complicated and many dependencies exist, some of which are more desirable than others, and eliminating all unwanted dependencies …
Desktop Misadventures
Bradley Manning – the Private who’s accused of downloading 110,000 U.S. State Department cables to his PC, copying them to a removable drive and then passing the information to Wikileaks – has been in the news again this week as …
Who’s in Charge of User Account Control?
Microsoft’s Security Intelligence Report (SIR) v10, published in May this year, revealed figures that show Windows 7 is the company’s most secure operating system, reporting that the OS suffered fewer security incidents per 1000 computers than any other supported version …
Protecting Against Kernel-mode Rootkits with Avecto and McAfee
Kernel-mode rootkits install themselves deep inside the operating system. They often use cloaking techniques to hide themselves and other malware to prevent detection or removal. The introduction of kernel patch protection in 64-bit Windows made it more difficult for kernel-mode rootkits …
Assigning admin privileges on Domain Controllers
Active Directory (AD) is the core of a Windows Server network and consists of a database that stores usernames and passwords, plus several technologies that work together to provide security and management services to clients and servers. Domain controllers (DCs) …
Who Has Admin Rights?
Before implementing a least privilege desktop policy it is generally good practice to know who you are likely to affect. This is not an easy task if you do not already manage or track which users have previously been given …