New Readers

 
Home Awards Welcome Industry Voices Become Sponsor Banquet Tickets Be A Judge Merchandise Previous Winners About GBA
 
Mark Austin: Security threats that enterprises might not immediately consider

Avecto is the market leader in privilege management, helping organizations to deploy secure and compliant desktops and servers. With its award winning Privilege Guard technology, organizations can now empower desktop users and server administrators with the privileges they require to perform their roles, without compromising the integrity and security of their systems.

Companies of all sizes rely on Avecto to reduce operating expenses and strengthen security. Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege.

As a McAfee SIA Plus and Microsoft Gold Partner, Avecto has built a network of system integrators and channel partners to provide its customers with the very best solutions.

Rake Narang: What is least privilege management? How does least privilege translate into a least risk scenario?

Mark Austin: A least privilege approach to IT security, it its simplest form, is the removal of administrative rights from users and assigning privileges directly to the applications and tasks that require them.

There are many dangers with permitting users to log on with admin accounts, whether it is accidental damage by the user, deliberate abuse of privileges, or malware taking advantage of the privileged user account and burying itself deep inside the operating system. If you take the approach of removing admin rights completely then user productivity takes a heavy hit, as employees are left struggling to perform simple, day-to-day tasks, like connecting a printer or installing a software update.

With least privilege, organizations can strike the perfect balance between user productivity and security, as users log on with a standard user account and privileges are assigned directly to applications through centrally managed policies.

About Mark Austin

Rake Narang: Why would customers, particularly those within heavily-regulated industries, adopt the principle of least privilege management to secure their corporate network?

Mark Austin: As regulatory bodies continue to dictate security initiatives within heavily-regulated industries, such as finance and healthcare, least privilege management will play a key role in ensuring companies are in line with internal and external compliance. Several compliance mandates, including the Monetary Authority of Singapore (MAS TRM) now place much greater emphasis on desktop and server security, particularly with regard to access privileges. In fact, MAS TRM has one section dedicated entirely to least privilege, encouraging tight restriction of privileged accounts and only granting them on a ‘need-to-have’ basis.

Compliance mandates are increasingly stipulating these standards because of the risks posed by granting excessive privileges to staff, which make them a target for cyber-attacks. There is strong evidence that least privilege is one of the most effective ways of mitigating malware attacks, especially when used in conjunction with other proactive security measures such as effective software patching and application control.

With a least privilege model, highly-regulated industries can rest more easily, knowing that their endpoints are more difficult to penetrate and knowing that they are in adherence with regulatory bodies.

Rake Narang: What are some examples of security threats that enterprises might not immediately consider?

Mark Austin: As the sophistication of malware advances, organizations are investing heavily in new security controls and policies, often overlooking one major (but avoidable) vulnerability - the human aspect of IT practice. The reality is that the vast majority of today’s breaches continue to stem from internal end-users, as opposed to external threats. Furthermore, these users don't necessarily have to be disgruntled or have malicious intent to be a threat. In fact, many of the leading threats faced by enterprises today implicate unknowing employees. It has become all too common for these kinds of employees to introduce malware onto the corporate network. For instance, they might unwittingly visit an infected website or open an email attachment hosting infected content – simple mishaps that could cost their organizations millions in compromised data.

Rake Narang: How do Avecto’s solutions resolve the issue of unwitting end-users introducing malware onto a corporate network?

Mark Austin: It is well documented that traditional approaches to malware detection are failing, as they are reliant on recognizing known threats. With an increase in targeted attacks, more proactive measures are required to protect an organization. Least privilege should be the cornerstone of endpoint security, as it removes one of the prime vectors for advanced threats – the privileged account. Sophisticated attacks will target privileged accounts, as it enables malware to infect deep inside the operating system and cloak itself from security solutions and subsequent detection. Once buried at the kernel level, it can systematically spread to other privileged accounts, working its way across the corporate network and into the datacenter.

Avecto’s Privilege Guard solution enables organizations to remove admin rights from users and implement a least privilege approach. Although no one solution can claim to completely eradicate malware threats, least privilege is a proven approach to significantly reducing the impact of these threats. When used as part of a defense-in-depth strategy with other proactive solutions, such as application control, many of the most dangerous malware threats can be eliminated completely.

Company: Avecto
Hobart House, Cheadle Royal Business Park, Cheadle, Cheshire SK8 3SR United Kingdom

Founded in: 2008
CEO: Mark Austin
Public or Private: Private
Head Office in Country: United Kingdom
Products and Services:
Privilege Guard is an enterprise class privilege management solution that enables organizations to implement least privilege across desktops and servers.

· Privilege Guard Group Policy Edition - Provides centralized management of Privilege Guard through Active Directory Group Policy, enabling it to handle the largest enterprises, while still appealing to small and medium size businesses.

· Privilege Guard ePO Edition - Provides complete management of Privilege Guard through McAfee ePolicy Orchestrator (ePO), enabling IT administrators to deploy the Privilege Guard client, manage policies and report on privileged activity, all from a single management console.

· Privilege Guard Enterprise Reporting Pack - Provides rich dashboards, trend analysis and the ability to drill down to detailed reports. It allows IT administrators to track application usage, user requests and privileged account logons across the enterprise.


Company’s Goals: Our mission is to enable our customers to improve system security, empower users and lower operating costs through the implementation of least privilege.
Key Words: Least Privilege, Privilege Management, Desktop Security, Server Security, Endpoint Security, IT Security, Administrative Rights, Insider Threat, McAfee, ePO
Interested in an Executive Interview with Golden Bridge?
Want to tell us more about your company, products and more? We are currently doing written interviews with executives and PR professionals from all over the world in the business world. If you are interested, please submit your requests for interviews here.