SANS Institute Recommends Least Privilege Security Model to Reduce Impact of Zero-Day Attacks.

BeyondTrust Supports SANS Updates to the Top 20 Attack Targets

PORTSMOUTH, N.H. -- The SANS Institute, the largest source for information security training and certification in the world, announced on Wednesday the 2006 update to the Top 20 Internet Security Vulnerabilities, this year dubbed the Top 20 Attack Targets. The first major trend noted was a surge in zero-day vulnerabilities. SANS recommends that companies implement a Least Privilege environment to reduce the impact of these attacks.

"A zero-day vulnerability is a known flaw in software that does not have a patch available. In 2006 we've seen a significant rise in attacks that take advantage of zero-day vulnerabilities, leaving a user or system unable to defend against the attack since no patch is available," said Marc Sachs, Director, SANS Internet Storm Center, and SRI International.
"This type of application-level attack is very hard to prevent with traditional flow-based schemes such as IDSs and firewalls. Likewise, consumer-oriented security solutions such as anti-virus software usually cannot detect the initial outbreak of a zero-day exploit attack."

Marco Peretti, CTO of BeyondTrust and architect of the first product to enable the security best practice of Least Privilege in Windows environments, agrees with SANS' findings. "When users and applications are given more privileges than necessary, organizations expose themselves to threats such as malware and data theft no matter what defense they have in place," said Peretti. "BeyondTrust Privilege Manager helps our customers eliminate security breaches that result from incorrect privilege assignment by allowing security administrators to restrict user privileges by attaching permission levels and privileges to applications through Group Policy."

The SANS Top 20 Attack Targets states that protecting against zero-day vulnerability exploitation is a matter of great concern for most system administrators.
According to the 2006 Annual Update, SANS recommends the following best practices to reduce the impact of a zero-day attack:

* Follow the Principle of Least Privilege in setting user access controls, permissions, and rights
* Restrict or limit the use of active code such as JavaScript or ActiveX in browsers
* If you use Microsoft's Active Directory, take maximum advantage of Group Policy Objects to control user access
* Do not rely on antivirus protection alone since zero-day attacks are often not detectable until new signatures are released

"A huge security problem that Windows enterprises face is that many users must be given administrative privileges in order to run required applications. However, as we have seen, administrative privileges are easily exploited by zero-day threats and malicious users. So you have to ask yourself if you trust your existing security defenses," said John Moyer, CEO of BeyondTrust. "BeyondTrust helps customers move beyond the state of trusting users and systems with excess privileges to implement a Least Privilege security model. All users can be restricted users by securely elevating the privileges of selected applications."

About BeyondTrust

BeyondTrust Privilege Manager was the first product to allow administrators to assign permissions to applications and tasks, enabling the security best practice of Least Privilege in Windows environments.
BeyondTrust Privilege Manager has won many prestigious awards, including "Excellence in Management of Least Privilege - Customer Trust 2006" (Info Security Products Guide), "Best of TechEd 2006 - Security Finalist" (Windows IT Pro/SQL Server Magazine), and "Best Product of 2005 - Policy Management" (MSD2D People's Choice Security Award).