In the face of an increasingly alarming rate of cyber-attacks many organizations are rethinking their normal methods of network protection. Chris Paoli and Jeffrey Schwartz of Redmond Magazine reached out to industry experts and analysis for input.

This past March the intelligence community even went so far as to declare that cyber-attacks are now the nation’s biggest security threat, above even terrorism. No matter who you talk to, the consensus is strong: firewalls and anti-malware just don’t cut it against the sophisticated attacks of today. Gartner Inc. analyst and Research Director, Lawrence Pingree warns, “The threats that exist today are getting through many of today’s existing security controls. Advanced threat protection appliances that leverage virtual execution engines as a petri dish for malware are most effective to deal with the latest threats. Also, organizations much continue to upgrade their endpoint protection suites. The antivirus they bought several years ago is not the same as it is today”.

Lack of planning is often seen as the largest issue when dealing with these large scale security breaches and having only one strategy for IT security isn’t enough. Paoli and Schwartz suggest a segmented approach to handle each type of attack differently. “The fundamental difference between hackers who are trying just to show their muscles as cyber thieves [by] trying to get a financial advantage and governmental-sponsored attacks is in scale of operation,” says Leonid Shtilman, CEO of Viewfinity Inc. “It’s hard to believe that a group of two=to-three thieves could have developed Stuxnet [the computer worm used to attack Iran’s nuclear operations]. IT organizations may be well armed to protect databases containing credit-card data, but at the same time will not be prepared for an attack on Group Policies, which will lead to damage to the global infrastructure.”

In order to tackle these problems Gartner’s Pingree stresses the importance of staying abreast of IT security innovations – including privilege management. “Application control technology can play a significant hand in prevention of the latest attacks”, Pingree explains, “defense in depth and detect in depth are concepts that all customers should explore.”

The importance of increased protection is hard to argue with though, with a 40% increase in the number of breaches disclosed over the past two years alone. Shtilman explains a potential reason for the increase, “As several of the technical components of information systems have gotten more secure, attackers have shifted their focus to targeting the human link in these systems. [They] are finding it easier to trick people into giving them access to their credentials and using those access networks then to find ways to sneak into those same networks without credentials,” something which privilege management and removal of administrator rights can help with.

Read the FULL ARTICLE to see Paoli and Schwartz’s suggestions on how to start addressing these issues moving forward.

Join us for a webinar on July 26th featuring Viewfinity and PolicyPak Founder, Jeremy Moskowitz, on Granular Endpoint Protection via Application Control.

In this joint webinar, Viewfinity and Jeremy Moskowitz will demonstrate how to best protect your endpoints with true desktop and application lockdown, and manage the lockdown environment so that user productivity is not impacted.

Sign-up below!

Thursday, July 26, 2012 at 2 pm ET

Exciting news, you can now begin voting for Viewfinity Privilege Management in the People’s Choice Stevie Awards for Favorite New Products! 

It’s simple and quick to vote for Viewfinity:

1.     Click on the logo below

2.     Enter Viewfinity’s short code: V287P

3.  Hit submit and verify your vote on the final page

Thank you

There has been some noise surrounding Viewfinity since our expansion into the European market with an office in Oegstgeest, Netherlands in March of 2012.

Viewfinity exhibited alongside premier Microsoft partners at TechEd Europe 2012. Many IT professionals made their way to our kiosk to see a demonstration of Viewfinity’s latest product and were impressed with how its automation helps relieve IT of the burden of managing administrative rights.  They were especially interested how the product is designed such that it doesn’t impede end user productivity.

Continuing the trend…Viewfinity has partnered with e92plus Limited to distribute Viewfinity’s industry leading privilege management and application control solution through its reseller partners throughout the U.K.  The partnership with e92plus Limited follows recent Viewfinity U.K .customers wins including Aberdeen University and Oxford University Press. 

FierceGovernmentIT reported that Government Core Baseline (GCB), formerly known as FDCC, violations were found at a large energy company, along with other least privilege violations.  The company responded swiftly and remediation tactics underway, but are they enough to become compliant and reduce exposure to security risks?  They've started with the layered approach with patch management and password controls however our Energy & Utility clients have completely removed administrative privileges and are using Viewfinity Privilege Management to elevate privileges on the application level, closing down the loophole presented when users have administrator accounts. 

"The report also criticizes the power administration for not following the Government Configuration Baseline (formerly known as the Federal Desktop Core Configuration) on only two of its four server operating systems.