See all insights
Two-Factor Authentication Solution for Windows & RDP Logons
Under a Cloud of Suspicion
Auditing File Access in the Cloud
Information Security Advice for SMB (Infographic)
The Role of File Auditing in Compliance
Key Indicators of Compromise to Prevent a Breach
Windows has more security features than any other operating system but is strangely lacking the fundamental and classic login session controls found in other environment like mainframe and midrange systems, UNIX and Netware.
Windows indeed lacks:
These are although important security controls that are required for an Information System to comply with major regulatory constraints (HIPAA, SOX, PCI, NISPOM, DCID 6/3, GLBA, US Patriot Act, FISMA…) and can efficiently mitigate insider threats.
And the threat of attack from insiders is real and substantial. The 2007 E-Crime Watch SurveyTM conducted with the U.S. Secret Service, Carnegie Mellon University Software Engineering Institute's CERT® Program and Microsoft Corp., found that in cases where respondents could identify the perpetrator of an electronic crime, 34% were committed by insiders (outsiders 37%, unknown 29%).
39% of these rogue insiders used compromised accounts to commit e-crimes, like unauthorized access to/use of corporate information, systems or networks, theft of intellectual property, theft of other information (including financial and customer records) and fraud (credit card, etc.).
Among best practices for the prevention and detection of insider threats recommended in the Common Sense Guide to Prevention and Detection of Insider Threats published by Carnegie Mellon University's CyLab, appear:
Major holes in Windows native login controls unfortunately do not allow to efficiently implementing such practices.
Share this page:
Free number for US & Canada: + 1-800-492-3951
GMT +1: +33 5 59 41 42 20