Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Small Business Hacks are on the Rise – How Resource-strapped SMBs Can Combat this Growing Threat

July 7, 2016

  • Blog
  • Archive

Small Business Hacks are on the Rise

Large financial organizations have long been the target of hackers. And we know that the millions of accounts exposed to a breach or the hundreds of millions of dollars at risk make for scary headlines. With all the attention from hackers, large companies have invested heavily in preventative and reactive security software.

But a recent article in Fortune highlights how attackers are now preying on smaller organizations since large organizations and big banks have spent years tightening their security.

What does this mean? Smaller organizations have now become the next best target.

Developing and maintaining a security plan is not something that comes easy, especially for resource-strapped small and medium-sized businesses. There are multiple layers of security and a magnitude of companies for each layer offering that “magical solution.”

Start with the end user and work inward from there.

It has been widely demonstrated that end users are the weakest link. If you read the annual Verizon Data Breach Investigations Report or Data Breach Digest they are filled with incidents that highlight this weakness.

If your goal is to strengthen the weakest link – while not sacrificing end user productivity – then consider starting with endpoint least privilege. With a focus around the concept of least privilege, a security model of providing users Just Enough Rights (JER) to perform the tasks and duties related to their roles, SMBs can centralize reports on user behavior, and detect out of band actions.

As a practical application to least privilege, end users can log in and execute applications as a standard (non-administrative) user. If the user needs to run an application with elevated rights then – based on a policy, application reputation or other factors – the application can run with higher privileges without changing the privileges of the user or other applications. This helps to protect against malicious software, ransomware, escalation attacks and unauthorized lateral movement within organizations that originate at the endpoint.

Capabilities to include in an evaluation of an endpoint least privilege solution include:

  • Removing excessive rights, elevating privileges to applications, not users
  • Using rules to block list, allow list, and grey list applications without managing massive database of signatures
  • Providing vulnerability and risk visibility into applications targeted for privilege elevation
  • Discovering, managing, and monitoring privileged passwords automatically
  • Analyzing, recording, and reporting on privileged password, user and account behavior

The end result is that an SMB can simplify the enforcement of least privilege, reduce risk by enabling better application control on the endpoint, and reduce risk from suspicious user and system activity.

As the SMB market becomes the primary focus of attacks it is critical to have a solid security architecture that is both capable of preventing malicious actors while still allowing employees the freedoms required for their jobs. BeyondTrust provides solutions to address the critical aspects of security, and allows a centralized view rarely seen in the industry today. If you would like to see a demo of any of these capabilities, contact us today.

Jason Silva, Sr. Solutions Engineer, BeyondTrust

Jason Silva brings over 25 years of solutions and management experience to the industry. Currently serving as Senior Solutions Engineer for BeyondTrusts' Universal Privilege Management Platform, he uses this knowledge to help customers realize the value of our solutions throughout the product lifecycle. Earlier in his career, he found success as a software developer in a global consulting company and spent over four years managing IT and Regulatory Compliance in the banking industry.

Specialties: Microsoft Active Directory, Microsoft Group Policy, Pre and Post Sales Training, Sales Engineering, Enterprise Security Tools, Privileged Access Management

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.