republished from business2community
We buy billions of dollars worth of security software worldwide but most of it doesn’t do much to really protect our data. So much so that Brian Dye, Symantec’s senior vice president for information security recently said that “we [Symantec] don’t think of antivirus as a moneymaker in any way.” It seems as though customers are changing from protect to detect and respond. The shift raises the question as to whether today’s outlook on security software is needed at all or if there are other ways of achieving such levels of protection. With invasive bugs like Heartbleed, companies big and small will leave no server unturned to achieve the highest level of security compliance. Shifting access to software may be but one avenue to achieve this goal.
Cybersecurity is a $70 billion dollar industry and denying service is what companies are turning their focus to. It seems as though companies are assuming that hackers will into the system but minimizing their damage is most critical. It may be that giving administrators less access to each node in a network would actually increase security.
A case in point is the enterprise-class software that we all know and love, Microsoft. A study by British-based privilege management company, Avecto, which found that many critical vulnerabilities would be mitigated if default administration rights were removed across the enterprise. Simple enough. The company found that removing administrator rights can actually help with fixing these vulnerabilities.
How did Avecto come to this conclusion?
Avecto scoured all the security bulletins that were put out by Microsoft and looked for critical verbiage: “Users whose accounts who are configured to have fewer rights on the system could be less impacted than users who operate with administrative user rights.” In other words, they were looking for the statement in so many Microsoft bulletins that says that you don’t have to worry about certain vulnerabilities if you weren’t running as an administrator. The finding was that 92% of critical vulnerabilities would be mitigated if you weren’t running as an administrator!
However, all Microsoft products are not created equal. The product that most company-protected infrastructures must be most frightened of is Windows XP. By some measures, about 28% of the Web-using public is still using Windows XP, and these systems are going to be ripe for exploitation. Windows 8 was Microsoft’s attempt at replacing XP but it didn’t seem to go far enough with companies and consumers alike. This caused folks to stick with what they know: XP or Windows 7. Network engineers care so much because Windows 7 (while were at it, even Vista) are much better network security and manageability citizens than XP.
When you combine the critical vulnerabilities that running as administrator causes along with the fact that Microsoft will end support and cease issuing updates, you will begin to see why infrastructures are scared of the endless contagion. Where this hits is the consumer level when it comes to bring your own device (BYOD) and remote working environments. Let’s hope that this doesn’t create a global crisis because many countries, like China, have huge amounts of unlicensed computers running XP. Unleashing a virus onto hundreds of millions of computers would wreak havoc on individual and company information worldwide.