The BeyondTrust Blog

Privilege Management SaaS Hardens Windows & Mac Endpoint Security, Protecting On-Prem & Remote Workers & Systems

May 26, 2020

​Today, BeyondTrust announced our industry-leading Privilege Management for Windows & Mac solution is now available as SaaS (software-as-a-service). Our SaaS-based solution empowers organizations to eliminate admin rights quickly and efficiently across Windows and Mac endpoints, without disrupting user productivity. With BeyondTrust PAM SaaS solutions, customers get the best of both worlds, removing the burden of managing their infrastructure, while enjoying the feature-richness of the cloud and the flexibility of a subscription-based model.

Read this post

Password & Session Checkout Duration – 4 Steps to Achieving Best Practices

May 21, 2020

How long should privileged password and privileged session checkout durations last? This is a common question that consistently arises when I speak with security professionals. To make the best decision, IT and security teams need to evaluate, categorize, and then prioritize the types of privileged accounts and their usage. This blog covers the best practices.

Read this post

The Effectiveness of Identity-Based Security Controls on Breach Reduction: What New IDSA Research Spells Out

May 20, 2020

This blog parses through key findings of recent research around identity-based threat vectors and cybersecurity controls. It also assesses the impact of recent trends (remote work, BYOD, shadow IT), such as in response to COVID-19.

Read this post

Three Overlooked Privileged Access Risks

May 18, 2020

Most practitioners of Privileged Access Management (PAM) tend to focus on reducing, managing, securing, and auditing the administrator and root accounts that have god-like access to their environment and assets. However, there are plenty of other privileged activities that have abstract access within your environment that can cause a world of pain if not properly managed.

Read this post

Is Cybersecurity Insurance Leading to More Lax Security?

May 15, 2020

Without question, cybersecurity insurance is gaining popularity amongst companies, who, in today’s threat environment, are constantly besieged by both internal and external threats. Is cybersecurity insurance a valid way to insure from damage against assets, data, customers, branding, and ransom cost related to ransomware?

Read this post

May 2020 Patch Tuesday

May 12, 2020

​This month, Microsoft has patched 111 vulnerabilities with 13 of them being classified as Critical. Learn more.

Read this post

Vendor Access: Addressing the Security Challenge with Urgency

May 11, 2020

​The coronavirus pandemic has forced thousands of companies to make leaps in their digital transformation journey. Businesses and public sector agencies were already challenged by remote access, BYOD, and cloud adoption. Now, the coronavirus has raised the stakes. Almost everyone I know that’s working is doing so using remote access because of COVID-19 social distancing and/or stay at home guidelines and orders.

Read this post

Common Flaws with Enterprise Password Management Strategies

May 7, 2020

The average employee has 191 passwords (this does not even take into consideration privileged credentials!), with the average 250-person company having over 47,000 passwords used across the organization. Thus, it’s easy to see how the scale of this password management challenge can present a logistical nightmare even for relatively small businesses. Yet, modern security absolutely hinges on protecting the identity—and that means securing the credentials. What are organizations getting wrong with password management, and how can they rectify it?

Read this post

Least Privilege: The Most Effective Approach to Endpoint Security

May 6, 2020

I always try to remind people that the principle of least privilege is not just about security, but about productivity as well. I have multiple customers who have decreased the number of tickets to their service desk by a whopping 75% by getting rid of end-user admin rights.

Read this post

API Security & Privileged Access Management

May 4, 2020

​Application Programming Interfaces (APIs) provide a vehicle for resources--irrespective of vendor, cloud technology, or even legacy on-premise solution—to exchange information and initiate tasks and workflows. Today, APIs are a powerful force behind the automation, integration, continuous development (CD), and secure development operations (DevSecOps) that is powering the next wave of technology innovation. Not all APIs are created equal and, most importantly, the security to prevent malicious abuse of the API can vary just as wildly between vendors as well serving similar functions.

Read this post

The Top IT Service Desk Priorities

April 30, 2020

As you look to optimize your service desk through 2020 and even beyond, you’ll probably realize that many of your IT service desk challenges have been around in one form or another for awhile. For example, an increasing volume of IT support tickets are being created and that they need to be handled with minimal budget uplift. Plus, there are heightened employee expectations – with corporate service providers, such as IT, expected to deliver capabilities on par with what the employees expect in their personal lives from consumer IT.

Read this post

3 DevOps Security Blind Spots and How to Mitigate Them

April 27, 2020

​Today it’s survival of the fastest. Product teams leverage DevOps practices and toolsets to get products and capabilities to the market and to their customers faster than ever. And today, with DevOps now well entrenched, it’s not just a matter of gaining a competitive edge, it’s a matter of keeping up with the competition. Learn the three primary secrets management-related security lapses, and how these can be curtailed in a way that minimizes end-user friction and supports the agility required across DevOps,

Read this post