Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

German government issues guidelines on keeping computers secure

Avecto : 21 November, 2012  (Application Story)
Avecto has commented on the German Government IT security arm's advice on securing computers with effective user rights management
German government issues guidelines on keeping computers secure

Commenting on the BSI (Bundesamt für Sicherheit in der Informationstechnik), the German government's office for information security, publishing guidelines on how computer users can keep their machines secure, Avecto says that the agency has indeed recognized that the effective management of user rights is a very important part of building a secure desktop.  

According to Paul Kenyon, chief operating officer with the Windows privilege management specialist, in order to get the message across, the BSI allowed two different Windows 7-based computer systems to be attacked, and documented the results. The test system that followed the BSI guidelines did not suffer an infection, but the second, less secure system, suffered security flaws and infections to the machine.

"What is worth noting here is that the agency seems to favour the better protected desktop as the one that was up to date with its security patches, but our take-out is that the better protected desktop was running as a standard user, whilst the desktop that was compromised was running under admin rights," he said.

"This reinforces our long-standing advice to IT security professionals that careful control of privileged account management is central to the security strategy of any organisation, as least privilege translates to least risk when it comes to the security profile of a given system or group of systems," he said.

Kenyon went on to say that Windows users should also keep their systems up to date, as well as reducing the levels of risk still further by avoiding the use of Java wherever possible, and user different Web browser software for specific applications where possible.

More than anything, Kenyon says, the results of this German security agency test confirms that defending an IT system now requires multiple layers of security, as well as a firm handle on which features of the machine - the level of privileged access to high-level administration features - the user account gains access to.

The bad old days of using a single IT security application across all computers and using a `set it and forget it' strategy are now giving way to a more refined approach centering on patch management, use of multiple security applications and an effective Windows privilege management approach, he adds.

"Effective Windows security in the Year 2012 is a lot more complex than many IT users realise. The tests carried out by the BSI are an excellent confirmation of this, but IT security managers should not ignore the key issue of Windows privilege management," he said.

"It only takes the failure of a single element of a security strategy to allow malware in and, as this BSI test shows, the results can be quite devastating. Security requires a holistic approach, and our observations are that IT security professionals clearly need to factor in Windows privilege account management alongside their other defence strategies," he added.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo