dcsimg

How can you prevent insider threats when none of your insiders are actually “inside”?

Security teams can be so focused on blocking cyber attacks from outside that they turn a blind eye to potential threats within their own organizations. In fact, 34% of all breaches are caused by insider threats. Insider threats are uniquely difficult to defend against because insiders inherently require an elevated level of trust and access to get their jobs done. For example, system … [Read more...]

Thycotic named leader in new KuppingerCole Leadership Compass

Why innovation has become so important to Privileged Access Management As noted in the 2020 KuppingerCole Leadership Compass, Privileged Access Management (PAM) is one of the fastest growing areas of cyber security today. Forty PAM vendors now compete for annual revenues that will total $2.2 billion this year and will more than double to $5.4 billion by 2025. Analyst Paul Fisher, author of the … [Read more...]

Privileged Access Management: The Great Cloud Migration

Migrating your PAM instance to the cloud can look from the outset like a pretty daunting task. How, exactly, do you go about transporting what may be years of data and highly sensitive information to a new home? It’s often said that migrating to the cloud is like moving houses, and that’s one of the most stressful life events you can go through. You prepare for a move as best you can, pile your … [Read more...]

A Guide to Managing and Securing Privileged Users

Organizations often have two to three times more privileged user accounts than individual employees. Securing these special accounts is vital to protecting sensitive information and critical systems from cyber attack. To help people stay productive, you must provide appropriate access for privileged users while also minimizing risk. Privileged users require special handling, training, and … [Read more...]

PAM and AWS: Keeping pace with AWS privileged accounts

Amazon Web Services (AWS) gives IT and development teams tools to move fast and change direction on a dime. Privileged accounts for AWS resources are created quickly and may be abandoned just as quickly. With such a fluid process, it’s difficult for security teams to stay on top of how many privileged accounts have access to AWS, make sure they’re set up properly, and remove them when they’re no … [Read more...]

PAM in the cloud vs. PAM for the cloud. What’s the difference?

“Are you talking about PAM in the cloud or PAM for the cloud?” “Wait, what’s the difference?” We hear these questions a lot from our customers. And, we have to admit the “PAM in the cloud vs. PAM for the cloud” debate has caused some confusion even in our internal meetings. Cloud has exploded. Simply inserting the word “cloud” into conversation seems to indicate a modern, agile approach to IT. … [Read more...]

Could basic password security practices have helped prevent the latest Equifax lawsuit?

Fallout from the 2017 Equifax data breach is back in the news as a new class-action suit consolidated 373 previous lawsuits into one. Unlike previous lawsuits filed by Equifax customers, the latest action comes from shareholders that allege the company didn’t adequately follow or disclose security practices, including poor password management. If you google, “what is the most common password?” … [Read more...]

Limit access for third-party vendors without restricting their ability to get work done

Companies often work with outside experts, consultants and other third-party vendors who need privileged access to corporate resources. These third-party entities can’t do what they were hired to do if their access is too restrictive. You can’t maintain a strong security posture if access and oversight are too lax. How do you, a security professional, walk the line to provide just enough access … [Read more...]

The Real Cost of PAM Software

A low price tag for PAM software doesn’t necessarily mean it’s the best overall value. Enterprise-scale PAM, like most software purchases, typically involves more than the initial license fee. Depending on your security goals, internal resources, and specific IT environment, you may need to plan for additional costs. It’s important to identify the total cost of PAM ownership as clearly as you can … [Read more...]

Cloud Use Cases: Critical PAM controls to secure a modern cloud environment

Virtually all cloud security failures will be the customers’ fault. That’s what Gartner believes the future of cloud security for the enterprise will look like within the next four years. More than half of cloud security issues will be caused by inadequate management of identities, access and privileges. “The challenge exists not in the security of the cloud itself, but in the policies and … [Read more...]