As Hurricane and Tornado season kicks into full gear this summer we wanted to share some tips with you about Cyber Looting.

Did you know that Natural Disasters like last fall’s Super Storm Sandy can result in an increased risk of cyber looting? Whether it is a long-term power outage, destroyed network hardware or weather that keeps staff out of the office for an extended period of time, natural disasters can open up organizations, and individuals for that matter, to digital asset threats.

Often, these cyber looting events go unnoticed for extended periods of time during a natural disaster, simply because no one is present to log onto the networks and see that something is amiss. Proper Privilege management and removal of administrator rights can help reduce this risk by decreasing the chance that a hacker can cause damage to your organization’s networks.

Read the FULL ARTICLE on Security-Daily (www.security-daily.com) to learn how the Viewfinity Privilege Management solution can help secure your organization when disaster hits.

I was recently asked by a top security journalist about my thoughts regarding mapping compliance to existing security practices.  The basis for the conversation revolved around how security pundits view the prioritization of managing risk, compliance and how the subsequent auditing of such practices might be tackled.  My thought process started at the bottom line and worked its way from there: Formulation and implementation of compliance requires substantial time, while threats and countermeasures are much more dynamic -- compliance will always lag behind protection measures.

A big issue when it comes to security audits and standards for securing IT systems is how we deal with the evolving nature of the threats we're protecting against. There are a couple of different elements to this problem: one is that we're still not certain exactly what those security standards should be to best protect against current threats and appropriately mitigate risks in proportion to the cost of defensive measures.

Another major issue, however, is the evolving nature of these threats. Even if auditors are able to come up with a perfect set of security standards for companies to comply with--and they're not--the nature of the threats that are being defended against is constantly changing.

Perhaps a certain type of defense mechanism is particularly effective today, but as soon as it becomes a standard that the industry is expected to comply with, attackers are likely to focus considerable resources on finding ways around it, at which point compliance with yesterday's standards may no longer be adequate. In order for risk management and compliance to be effectively implemented and coordinated in this space, it is essential that compliance standards include some consideration of how well organizations are doing at adapting to new threats and updating their security measures accordingly.

This is a much more difficult thing to measure than a simple yes-or-no checkbox for whether or not a company is using encryption, but it is essential for compliance and audit regimes in cyber security to take this into consideration if they wish to accurately reflect the security of a given network.

In terms of how to actually do the mapping back to regulations-- it might be worthwhile to have organizations go beyond simply listing what security mechanisms they do or do not have in place for auditors and instead include some broader discussion of the decision-making process that informed those decisions.

In the face of an increasingly alarming rate of cyber-attacks many organizations are rethinking their normal methods of network protection. Chris Paoli and Jeffrey Schwartz of Redmond Magazine reached out to industry experts and analysis for input.

This past March the intelligence community even went so far as to declare that cyber-attacks are now the nation’s biggest security threat, above even terrorism. No matter who you talk to, the consensus is strong: firewalls and anti-malware just don’t cut it against the sophisticated attacks of today. Gartner Inc. analyst and Research Director, Lawrence Pingree warns, “The threats that exist today are getting through many of today’s existing security controls. Advanced threat protection appliances that leverage virtual execution engines as a petri dish for malware are most effective to deal with the latest threats. Also, organizations much continue to upgrade their endpoint protection suites. The antivirus they bought several years ago is not the same as it is today”.

Lack of planning is often seen as the largest issue when dealing with these large scale security breaches and having only one strategy for IT security isn’t enough. Paoli and Schwartz suggest a segmented approach to handle each type of attack differently. “The fundamental difference between hackers who are trying just to show their muscles as cyber thieves [by] trying to get a financial advantage and governmental-sponsored attacks is in scale of operation,” says Leonid Shtilman, CEO of Viewfinity Inc. “It’s hard to believe that a group of two=to-three thieves could have developed Stuxnet [the computer worm used to attack Iran’s nuclear operations]. IT organizations may be well armed to protect databases containing credit-card data, but at the same time will not be prepared for an attack on Group Policies, which will lead to damage to the global infrastructure.”

In order to tackle these problems Gartner’s Pingree stresses the importance of staying abreast of IT security innovations – including privilege management. “Application control technology can play a significant hand in prevention of the latest attacks”, Pingree explains, “defense in depth and detect in depth are concepts that all customers should explore.”

The importance of increased protection is hard to argue with though, with a 40% increase in the number of breaches disclosed over the past two years alone. Shtilman explains a potential reason for the increase, “As several of the technical components of information systems have gotten more secure, attackers have shifted their focus to targeting the human link in these systems. [They] are finding it easier to trick people into giving them access to their credentials and using those access networks then to find ways to sneak into those same networks without credentials,” something which privilege management and removal of administrator rights can help with.

Read the FULL ARTICLE to see Paoli and Schwartz’s suggestions on how to start addressing these issues moving forward.

This Wednesday - May 8^th, 2013 - Phil Stasko, Director of IT for Apex Companies will present a case study for removing administrator rights without impeding user productivity. Join us for this informative webinar. 

Faced with the challenge of maintaining endpoint security and application control with a limited IT team, Apex was driven to find a cost effective and premium solution for removing administrator rights.

Join in to hear Stasko outline how he sought an approach with Viewfinity Privilege Management that would reverse the previously ineffective and costly way to manage privileges on locked down endpoints, without having a negative impact on user productivity. This live session will also demonstrate how to whitelist and manage user privileges with the Viewfinity solution.

Join us for the webinar, Wednesday, May 8^th at 9:00am Pacific / 12:00pm Eastern Time. Click here to register for the event.

In this video, Shtilman sits with SC Magazine reporter, Danielle Walker, to discuss privileged management and ways organizations can secure corporate accounts.

"An effective security strategy should include adequate privileged management security practices. Certain applications should be whitelisted, others blacklisted, and those that fall between the lines are graylisted. According to Leonid Shtilman, CEO of Viewfinity, graylisted applications are the ones that need to be monitored closely. They need to put under restrictive modes that won't allow the application to access corporate data, thus limiting the amount of damage that can be done if an intruder happens to gain privileged access to an employees account."

Read more:  http://www.scmagazine.com/video-privileged-access-in-the-enterprise/article/288300/ 

A Fine Line

 Print This
 Email This
 Bookmark/Share 
 Most Popular

If “time is money,” no one knows this better than Movado. The premier watchmaking company, based in Switzerland and Paramus, N.J., designs, manufactures and distributes some of the world’s most recognized brands including Ebel, Coach, Hugo Boss, Juicy Couture, Lacoste and Tommy Hilfiger.

The company has distribution offices around the world and a workforce of more than 1,100 desktop and laptop users, running an average of more than 30 applications. The company has always focused on best practices to proactively protect the entire organization, but the number of applications and employees’ ability to access them were creating problems.

Specifically, Movado’s IT help desk was being inundated 24 hours a day with support calls for everything from spyware and popups that impacted computer performance to installing new printers. Even simple issues were impacting productivity, when employees had to wait for an on-site visit from IT personnel to fix a problem.

The solution was privilege management software from Viewfinity that enabled the company to control and streamline its systems and eliminate “nuisance” calls to the help desk.

Read the full article here:  http://www.stores.org/STORES%20Magazine%20November%202012/fine-line 

User Privilege Management: Not Just for Linux

Posted by Haim Lichaa in Open Port IT Community on Apr 2, 2012 3:34:32 PM

I came across this blog article and was impressed with the author's clear articulation of “Least Privilege Management” beyond the Linux world.  His analogy of the “Honor System” explains the situation with finesse.  For all you IT Security Pros, I recommend reading the article:

http://communities.intel.com/community/openportit/blog/2012/04/02/user-privilege-management-not-just-for-linux

Viewfinity Privilege Management 4.0 was honored with a Stevie® Award in the New Product or Service of the Year - Software - Security Solution category in The 10^th Annual American Business Awards.  Viewfinity stands out as the only privilege management vendor to be awarded the Stevie Award in 2012.  More than 3,000 nominations from organizations of all sizes and in virtually every industry were submitted this year for consideration in a wide range of categories. Stevie Award winners were selected by more than 270 executives nationwide who participated in the judging process this year. 

"The Stevie Award reflects our dedication to developing and delivering the industry's most advanced and reliable privilege management solution,” said Leonid Shtilman, CEO, Viewfinity. “It’s an honor to have won this distinction out of an extensive list of nominees, and we are equally as proud to have this recognition come alongside established, proven products from RSA, HP, GFI, SecureAuth and Threatmetrix.”

If you missed the popular webinar with Group Policy Guy and Microsoft Group Policy MVP, Darren Mar-Elia and Viewfinity on Windows 7 Security and Managing UAC Prompts, then you can catch the recording here.

SC Magazine Australia, one of the information security industry's leading news and product evaluation sources, gave the Viewfinity Privilege Management solution a 5-star rating (five out of five stars) in the 2012 Risk and Policy Management category. 

Peter Stephenson of SC Magazine Australia said “Overall, we find this product to be a good value for the money due to its comprehensive feature set and ease of management and automation abilities.”

Have a look, the article is online here