Admins are already busy maintaining all systems running onsite and remotely, so the extra demand to protect against fileless threats can be overwhelming for manual security operations and inexperienced IT professionals. There are, however, five basic steps you can take to help mitigate the threat...
BeyondTrust customer, Chris Tucker, Associate Director for Identity and Access Management at the University of Utah, discussed his team’s privileged access management (PAM) journey with our CTO and CISO, Morey J. Haber during a recent webinar session. The discussion covered a number of topics and unearthed a wealth of cybersecurity lessons—from how the university decided on a PAM vendor to the path to implementing a just-in-time access model, to adapting to the security and access challenges imposed by the coronavirus pandemic. Read the full transcript.
While the potential, even imminence, for a “U.S. GDPR” has been posited since the publication of the EU General Data Regulation (GDPR), there is still no comparable, broad-reaching data privacy law covering U.S. citizens and residents. However, in recent years, individual states have advanced the mantle of data privacy.
Bill Gates famously predicted the death of the password at the RSA Security Conference in 2004. Since then, many thousands of others have piled on. And despite all these claims of the imminent extinction of the password, rather than being relegated to the wastebin of antiquated IT practices, passwords seem no less relevant in 2020 today than in 2004.
BeyondTrust has just launched version 20.2 of our Privileged Remote Access solution, which empowers IT teams to control, manage, and audit remote privileged access by authorized employees, contractors, and vendors—without compromising security.
Third-party security information and event management (SIEM) products can centralize logs and provide intelligence to identify events that might be important. But in the absence of a SIEM product, built-in Windows Server features can help protect your systems.
Welcome to our Patch Tuesday recap for September 8, 2020. This month’s patches fix 129 vulnerabilities, 20 of which have been designated ‘Critical’ by Microsoft. None of the vulnerabilities have been publicly disclosed prior to patching or exploited in the wild.
The second-ever Gartner Magic Quadrant for Privileged Access Management has been published, and BeyondTrust is pleased to announce that we have again been named a Leader! The 2020 edition of the Magic Quadrant provides an evaluation and assessment of 12 participating PAM vendors. Organizations are evaluated across completeness of vision and ability to execute, with the report drilling down across dozens of criteria. This year, along with the Magic Quadrant, Gartner published a supplemental report, the 2020 Critical Capabilities for Privileged Access Management, which includes additional analysis and vendor rankings. BeyondTrust achieved top-2 vendor product scoring for both Global Enterprise Use Cases and the Midsize and Large Enterprise Use Cases categories. Learn more.
Security researchers have recently identified a new technique that allows simple DLL hijacking of privileged processes in Windows 10 by abusing a combination of file system permissions, how Windows validates files, signatures and their paths, and how Windows searches for DLLs to be loaded. Left alone, this vulnerability can allow a user to spoof the system into launching processes with modified DLLs present. The modified DLL could contain code that triggers other processes or tasks of the attackers choosing. In the aforementioned article, the modified DLL is used to launch an elevated instance of the Windows Command Processor, bypassing the protection Windows provides.
Ernst & Young LLP recently announced the finalists for the Entrepreneur Of The Year® 2020 Award, and I am thrilled to share that Matt Dircks, BeyondTrust CEO, was selected by a panel of independent judges as one of 30 finalists from a competitive pool of nominations in the Southeast region. Now in its 34th year, the Entrepreneur Of The Year program honors entrepreneurial business leaders whose ambitions deliver innovation, growth, and prosperity as they build and sustain successful businesses.
Security for Mac endpoints is an increasingly critical, but typically overlooked, need for enterprises. As macOS grows more prevalent amongst organizations, threat actors have taken notice. Exploits targeting Apple’s operating system increasingly yield good returns for threat actors. More often than not, privileged access security deficiencies lie at the heart of Mac endpoint breaches.
What do you think of when people talk about service desk efficiency? Is it speed?—Doing things more quickly, ideally saving costs too? Or, is it cost efficiency?--Finding more economical ways of doing things? Regardless, as we make our way into what’s being called “the new normal,” which involves the expansion of remote work, these two dimensions are no longer enough. There’s now a third dimension required – based on value and business outcomes. I like to think of this as “better, faster, cheaper”, replacing the decade-old ITSM mantra of “doing more with less.”
