dcsimg

Could basic password security practices have helped prevent the latest Equifax lawsuit?

Fallout from the 2017 Equifax data breach is back in the news as a new class-action suit consolidated 373 previous lawsuits into one. Unlike previous lawsuits filed by Equifax customers, the latest action comes from shareholders that allege the company didn’t adequately follow or disclose security practices, including poor password management. If you google, “what is the most common password?” … [Read more...]

Limit access for third-party vendors without restricting their ability to get work done

Companies often work with outside experts, consultants and other third-party vendors who need privileged access to corporate resources. These third-party entities can’t do what they were hired to do if their access is too restrictive. You can’t maintain a strong security posture if access and oversight are too lax. How do you, a security professional, walk the line to provide just enough access … [Read more...]

The Real Cost of PAM Software

A low price tag for PAM software doesn’t necessarily mean it’s the best overall value. Enterprise-scale PAM, like most software purchases, typically involves more than the initial license fee. Depending on your security goals, internal resources, and specific IT environment, you may need to plan for additional costs. It’s important to identify the total cost of PAM ownership as clearly as you can … [Read more...]

Cloud Use Cases: Critical PAM controls to secure a modern cloud environment

Virtually all cloud security failures will be the customers’ fault. That’s what Gartner believes the future of cloud security for the enterprise will look like within the next four years. More than half of cloud security issues will be caused by inadequate management of identities, access and privileges. “The challenge exists not in the security of the cloud itself, but in the policies and … [Read more...]

You break it, you buy it: Fear of unknown dependencies hinders service account governance

Thousands of services run on a typical corporate network. They include multiple services which are core to network security, network services, and IT automation, such as Windows services, scheduled tasks, batch jobs, application pools within IIS, and more. To connect automatically across a network to databases, file systems, and network services, these services rely on privileged service … [Read more...]

6 PAM Technology Integrations That Should Be On Every PAM Admin’s To-Do List

Mastering the art and science of integrating other technologies with PAM solutions to enable maximum cyber security visibility and efficiency is no small task. Start from the premise that PAM controls work best when they are integrated with other IT and cyber security tools.  With tight integration, the IT Admin with an advanced level of knowledge can help his or her organization gain better … [Read more...]

Are We Becoming an Industry of PAM “Haves” and “Have-Nots?”

We are worried. A few years back, Gartner reported that more than 65% of organizations allow unrestricted, unmonitored and shared use of privileged accounts. (Forecast Snapshot: Privileged Access Management, Worldwide, 2017). Surely, we thought, with high-profile cyber-attacks in the news and rapid growth of the PAM industry, that number must be decreasing. So, at the beginning of this year, we … [Read more...]

The new cloud security question PAM experts need to answer

Enterprises are no longer asking, “is the cloud secure?” with the same anxiety and fear they expressed just a few years back. As long as cloud-based IT resources are protected in a highly secure environment (such as SOC2 data centers) and demonstrate advanced security controls, enterprises have gotten on board the cloud train. The pace and scale of cloud adoption has accelerated rapidly. Today, … [Read more...]