Wednesday, March 31, 2010

Running as Admin = Not Good for Security Exploits (and in general)

Just found this article about how to easily mitigate security exploits in Windows, and it of course means running as a Power User or a Regular User. Most database programs require Power User status, so that would be the most common for my clients, and most of them run QuickBooks or some other database program.

Here are some numbers from the article.

- 100% of Microsoft Office vulnerabilities are mitigated by configuring users to operate without administrator rights.

- By removing administrator rights companies will be better protected against exploitation of 94% of vulnerabilities in all versions of Internet Explorer, and 100% of those in IE 8.

- 87% of vulnerabilities categorized as Remote Code Execution vulnerabilities are mitigated by removing administrator rights.

- Companies are better protected against 81% of Critical Microsoft vulnerabilities by configuring users without administrator rights.

- Of the total published Microsoft vulnerabilities, 64% are mitigated by removing administrator rights.

- In 2009, exploits of 53% of Windows operating system vulnerabilities can be diminished by configuring users as standard users.

- 90% of Critical Windows 7 operating system vulnerabilities are mitigated by having users log in as standard users.

- Of all Windows 7 vulnerabilities ever published, 57% are mitigated by removing administrator rights.


-----
Source: BeyondTrust, Inc. http://www.beyondtrust.com/downloads/whitepapers/documents/wp039_BeyondTrust_2009_Microsoft_Vulnerability_Analysis.pdf

Done with School!

Hi everyone (who ever reads this blog),

I have completed my BS Degree in Information Assurance and Security on March 19th. The school is just checking my records to ensure I have completed everything and that I am in good standing, etc. Blah. But I am done. I'm happy and excited about the accomplishment.

Next I am going to be working on a certification called the Systems Security Certified Practitioner (SSCP), which is the little brother to the industry standard CISSP certification. I'll work on the CISSP at some point down the road. Also, I will be working on a HIPAA certification since I have a lot of dental clients and it'll be nice for patient records to be safe. :)

Beyond those two items, not sure what I will do. Probably continue on with my Masters after those two certifications are done.

As for clients, I'm always looking and trying to get new clients. I've been trying to think of new ways to get clients, but word of mouth is always the best for me, so if anyone reads this and knows me, please try and push me off to your clients. I'd appreciate it because more clients = me staying in business. :)

Thanks
Mike

Friday, March 12, 2010

What's new with Fortify IT, Inc

Hey All,

Sorry for the lack of updates but it's been really busy with work (A VERY GOOD THING) and I've been trying to finish up my Bachelor's degree. I'll be done March 19th and I'm very excited! I can't wait to finally finish this up. It'll be in Information Assurance and Security so then I can start implementing some things into my clients. As always, I'll keep you guys posted on any other fun techie stuff when it comes around.

Thanks for reading
Mike