Top 10 Keys to Successful Least Privilege Adoption Via Application Control

Gone are the days when a security team could select a new tool, turn it on, and expect everyone in the organization to adjust. When security hinders the business, the business fights back. Users now have numerous ways they can work around security tools and policies to get their job done. Least privilege is a fundamental aspect of endpoint security, but it can’t be enforced without thoughtful … [Read more...]

Top 5 Ways to Win your CEO/CTOs Heart

In today’s always-connected world it’s important to realize that, historically and traditionally, cybersecurity was the responsibility of the IT department. Any time a cyber incident or data breach occurred or security questions arose, these got deferred to IT for the answers. Failure to translate cyber risk into business risk has left many businesses clueless But with today’s massive data … [Read more...]

Which of your endpoints is most likely to let an attacker inside?

Is your organization trying to reduce the risk of malware or ransomware in 2018?  Knowing where to start can be the hardest part.  The following risk factors can increase the odds of a cyber attack, and being aware of them can help you focus on and secure your most vulnerable endpoints. Any machine that users check their email on is a high-risk endpoint Malware and ransomware email attacks are … [Read more...]

Data Privacy Day: Where has privacy gone, and will we ever get it back?

Privacy is gone, but never forgotten. Can our current path even be reversed? Yes, the end of privacy as we know it is closer than you may think.  Privacy definitions are very different between nation states and cultures, though one common thread is that privacy is becoming less of an option for most citizens, globally. In the coming years, we are going to see major head-to-head debates between … [Read more...]

Why is least privilege the place to start for endpoint security?

Because it will save you time and money.   Your end user’s computers are increasingly exploited as an attack vector used to attain accounts with local administrator rights on Windows or root access on Mac OS. There are a lot of solutions that promise malware detection and prevention. And you can buy more and more software to try to prevent these things from happening on the front lines. But … [Read more...]

Cyber Security Responsibilities: Who owns your organization’s PAM Policy Template?

Who is responsible for creating, implementing and overseeing your organization’s Privileged Account Management Policy template? And what is at risk if no individuals or departments are named to ensure that your users and systems are in compliance with your PAM Policy? Let’s get the easy part out of the way: if your organization has its PAM Policy clearly defined in a template, yet users are left … [Read more...]

The #1 priority for improving cybersecurity? Implementing a Privileged Account Management Cycle approach!

In a white paper released in October 2017 by analyst firm KuppingCole, Martin Kuppinger makes the case for why companies need to pay more attention to privileged account protection at all levels. Entitled, “Protecting the keys to your kingdom against cyber-attacks and insider threats,” he points out that Privileged Account Management is far more than just managing a few administrators and some … [Read more...]

Cyber Security: What we’ve learned in 2017 to get ready for 2018

Well, it’s been a very interesting year with a few surprises along the way, but as expected, cyber crime grew, financial impact was huge and many companies struggled to recover. Cyber attacks will be the biggest threat to every person and business on earth Cyber security is quickly becoming part of everyone’s daily life and can no longer be separated into personal and work life. In the past cyber … [Read more...]

MSPs at Risk: You are at serious risk if you are not properly managing your clients’ credentials

I ask MSPs: How secure are the clients’ passwords you manage today? As an MSP you must meet special security needs because you hold critical privileged passwords, not only your own organization, but for your clients’ as well. Do you have an accurate answer for these questions, or are there some unknowns in your organization? Who, in your company, was the last person to access their … [Read more...]

SSH Key Management: why you should never manage SSH keys manually

Has your organization moved beyond simple user name and password schemes for accessing Unix and Linux systems by relying on SSH keys to allow access? If so, congratulations! You have greatly increased your overall security posture. However, if your organization is managing SSH keys manually, you have a long way to go before you can feel confident that your SSH keys are secure. What makes SSH key … [Read more...]