dcsimg

How to kick start your least privilege strategy as we begin 2019

As we open 2019, we are expecting the issue of least privilege cybersecurity to become a priority for companies across the spectrum. One of the big reasons, of course, is that 80 percent of breaches today involve the compromise of IT and business user credentials including usernames and passwords.  To combat the exploitation of compromised accounts, organizations increasingly recognize how … [Read more...]

Least Privilege Uncovered

Organizations around the world are challenged by an ever-growing cyber threat landscape and are experiencing serious cyber fatigue. Their employees are dealing with constant information overload about cyber attacks, ransomware, identity theft and phishing scams. Employees are exposed to risky behavior For years, employees across all departments in most organizations have habitually practiced risky … [Read more...]

5 Spooky Privilege Security Mistakes that Will Haunt Your Organization

It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim. Your risk of cyber-attack exponentially increases if you’ve made any of the mistakes below. The good news is that all these … [Read more...]

Everything you need to know about NIST 800-53

The National Institute of Standards and Technology (simply referred to as NIST) sets the security standards, guidelines and recommended security controls for the Federal Information Systems and Organizations.  This extensive database of publications includes the FIPS (Federal Information Processing Standards), SP (NIST Special Publications), NISTIR (NIST Internal Reports) and the ITL Bulletin … [Read more...]

Seven reports you can share with auditors and execs to demonstrate proactive privilege management

All major compliance bodies recommend or require a least privilege policy to protect sensitive data. Removing local administrative access on user workstations is a fundamental strategy for endpoint security to protect against both internal and external threats. Auditors will see that you have implemented a proactive security strategy to prevent malicious activity and accidental data breaches By … [Read more...]

Microsoft’s Frankenstein Approach to Endpoint Protection

With Windows 10 Microsoft has embedded and enhanced a number of free tools it claims give IT and security teams the opportunity to close security gaps exposed in previous versions of Windows. One of the critical goals Microsoft aims to address is the principle of least privilege. Under a least privilege policy, administrative credentials are removed from workstations in order to block threat … [Read more...]

How to Protect Your Desktop Team When Moving to Least Privilege 

When companies yank local administrative privileges from business users without considering the downstream impact, their least privilege programs are doomed to fail. Suddenly unable to download applications, run programs, install printers or make other system changes, users will be confused and frustrated. Those frustrations are going to land squarely on the plate of the desktop support … [Read more...]

Top 10 Keys to Successful Least Privilege Adoption Via Application Control

Gone are the days when a security team could select a new tool, turn it on, and expect everyone in the organization to adjust. When security hinders the business, the business fights back. Users now have numerous ways they can work around security tools and policies to get their job done. Least privilege is a fundamental aspect of endpoint security, but it can’t be enforced without thoughtful … [Read more...]

Why is least privilege the place to start for endpoint security?

Because it will save you time and money.   Your end user’s computers are increasingly exploited as an attack vector used to attain accounts with local administrator rights on Windows or root access on Mac OS. There are a lot of solutions that promise malware detection and prevention. And you can buy more and more software to try to prevent these things from happening on the front lines. But … [Read more...]