Leonid Shtilman Discusses IT Security Protection with Info Security Products Guide

by Mary Rose 10. February 2012 09:10

Leonid Shtilman, CEO and Co-founder of Viewfinity, talks with Rake Narang, Editor-in-Chief, of Info Products Security Guide about the Level of IT security protection provided by removing administrative rights as compared to other forms of endpoint protection, such as antivirus.  

Rake Narang: What security threats are most enterprises least prepared to subvert?

Leonid Shtilman: The security threats that most enterprises are not fully prepared to mitigate are advanced security threats, i.e. threats which are not yet covered by antivirus. One of the most popular ways to infiltrate servers is to exploit administrative rights on endpoints and, through that path, get into a position that allows for an attack on the vital part of the enterprise infrastructure. A growing and highly-regarded opinion among IT professionals is that controlling rights on personal computers and servers is a crucial part of any security solution. Adhering to the principle of least privilege is in the best interest of all companies, whether in the commercial sector, healthcare, within government agencies, etc.

Rake Narang: What are some of the most common but critical mistakes still happening in IT security?

Leonid Shtilman: In every organization there exists a somewhat buried but very dangerous keyhole: the presence of local administrator accounts. Local administrator accounts are often times created directly by users and are hidden from the IT manager’s standard tracked list of administrative accounts managed by Active Directory and can be used by malware to install malicious software on local computers through the administrator account.  Further penetration into the IT environment is then accessible through this loophole.  It is essential that IT security and operations managers have a method for mitigating this common but critical IT security risk.

Rake Narang: How would you compare the level of IT security protection that removing administrative rights provides with other forms of endpoint protection, such as antivirus?

Leonid Shtilman: Antivirus will stop known threats, while the principle of least privilege via the removal of administrative privileges can help to combat risks that are presently unknown to antivirus software that can threaten to exploit administration rights.  It’s the same protection principle as anti-virus, just with a different approach.  Companies wouldn’t go without antivirus – so why would they give administrative rights to users when there is a way for properly managing privileges without exposing the company to unnecessary security risks?

 

Comments

Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen

Calendar

<<  November 2014  >>
MoTuWeThFrSaSu
272829303112
3456789
10111213141516
17181920212223
24252627282930
1234567

View posts in large calendar

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.

Follow us on Twitter: viewfinity
Find us on LinkedIn: www.linkedin.com/companies/viewfinity
Become a fan on Facebook: www.viewfinity.com/facebook