dcsimg

(SSH) Keys to Unix Security

Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly if they are based on Unix or … [Read more...]

Ostriches, Zero Day Exploits, and the Elusive CyberSec Expert: Why SMBs Should Implement Cloud-Based PAM

Small and medium-sized businesses (SMBs) face a cyber security trifecta. Cyber criminals are increasingly targeting the most vulnerable businesses (not just the biggest fish). Sophisticated attackers quickly take advantage of newly revealed vulnerabilities. And, cyber security professionals are in short supply. Maybe SMBs aren’t aware that they can use the same types of security systems as larger … [Read more...]

Incident Response: Are You Breach-Ready?

It’s no longer rare to see cyber-attacks in the daily news. From ransomware to data breaches to DDoS (Distributed Denial of Service) attacks, the incident is usually attributed to either cyber criminals or nation states, and almost always comes from beyond our own country’s borders and laws. Because of this, we worry about clicking on a web page or opening an attachment in an email, never … [Read more...]

Back to the Basics: The problem with forcing regular password expiry

For many people and organizations around the world a single password is sometimes the only security control protecting their sensitive information, access to email and even their bank account. The traditional password best practice was to create a long, complex password that only you would know, and it protected one or two accounts; you likely used it to sign into Active Directory or email … [Read more...]

Privileged Account Management and Identity Access Management: Same Family, Different Strengths

From a cyber criminal’s point of view, obtaining privileged account information has the highest ROI of any attack strategy. A malicious actor with privileged account passwords in hand could infiltrate key databases and access highly sensitive data. To obtain this information, attackers use increasingly sophisticated tools and social engineering techniques which are extremely difficult for even the … [Read more...]

The EU GDPR is now in effect. What has happened so far?

Finally, the time has come. May 25th 2018 is now in the past, and the EU GDPR has come into effect after a two-year transition period. The earth is still rotating, the internet still kind of works. So what has happened, and have any lessons been learned yet? EU GDPR and Data Privacy Email SPAM MONTH Well firstly, we all lived through “spam month” as EU GDPR and Privacy updates poured into our … [Read more...]

The EU GDPR is now in effect. What has happened so far?

Finally, the time has come. May 25th 2018 is now in the past, and the EU GDPR has come into effect after a two-year transition period. The earth is still rotating, the internet still kind of works. So what has happened, and have any lessons been learned yet? EU GDPR and Data Privacy Email SPAM MONTH Well firstly, we all lived through “spam month” as EU GDPR and Privacy updates poured into our … [Read more...]

Gartner: Privileged Access Management is the #1 Cyber Security Priority for 2018

A recent report from Gartner reveals the top IT Security Projects for 2018 with Privileged Access Management as #1, Application Control #4 and Protecting Endpoints #6. Before we get into why Privileged Access Management (PAM) is the #1 Cyber Security Priority in 2018, let’s take a quick look at what lead up to this change Senior executives are more involved in cyber security than ever before.  In … [Read more...]

2018 Cyber Security Breaches: Client Concerns, Opportunities for Solution Providers

Cyber-criminal groups have an extensive arsenal of surveillance and research methodologies they use to search for even the smallest of vulnerabilities in your cyber security protections—vulnerabilities that enable them to infiltrate your organization, gather intelligence and access your systems. Thycotic’s 2018 Global Channel Partner Survey Report indicates that these cyber-criminals are largely … [Read more...]

Seven reports you can share with auditors and execs to demonstrate proactive privilege management

All major compliance bodies recommend or require a least privilege policy to protect sensitive data. Removing local administrative access on user workstations is a fundamental strategy for endpoint security to protect against both internal and external threats. Auditors will see that you have implemented a proactive security strategy to prevent malicious activity and accidental data breaches By … [Read more...]