dcsimg

Remote Worker Security: The Risks, Challenges, and Solutions

The concept of working remotely, or granting remote access, isn’t anything new for most IT professionals. Most organizations have embraced a remote workforce, be it their own employees, contractors, consumers, business partners, and managed service providers. What does “working remotely” mean today? For IT professionals, remote access had been thought of as performing your job … [Read more...]

Bring to Light the Security Risks of Web Applications run by Shadow IT

A quiet proliferation of SaaS and web applications and infrastructure with web-based interfaces is taking place throughout your organization. These applications are often essential to business, financial, and technical users. Yet, security and operations folks who are tasked with safeguarding your entire IT environment are likely unaware of the breadth of applications in use. Even when they are … [Read more...]

Secret Server Product Update: Enhancements for the New Reality of Cloud and Remote Work

The modern IT environment is diverse and constantly changing. In the always-on, Internet-connected global marketplace, traditional perimeters are disappearing as most organizations rely more and more on cloud-based applications to conduct business. Now, you can simplify management of an IT environment that includes multiple cloud instances, remote workers, and 3rd-party contractors It’s … [Read more...]

PAM cloud security is different. Let me explain why

The 2020 Verizon Data Breach and Incident Report (DBIR) published in May gives a clear indication of where privileged access management (PAM) security is going these days. And the forecast is for cloudy skies ahead.  That’s because: 77% of cloud breaches are due to compromised credentials Attacks on web applications more than doubled in 2019 With credentials as the overwhelmingly preferred attack … [Read more...]

A New Approach to Modern Enterprise Access Management

Earlier this week, we publicly announced the acquisition of Onion ID—a San Francisco-based identity and privileged access management (PAM) company. The acquisition marks a significant milestone in Thycotic’s strategic direction as a PAM company. Over the past several years, we have driven innovation through a multi-stage product roadmap designed to help companies adopt PAM and embed privileged … [Read more...]

Addressing emerging PAM use cases to protect access to SaaS applications, cloud infrastructure, and databases

With most of the global, white-collar workforce suddenly shifting to working remotely, cloud technology has emerged as a critical component to keep businesses up and running. These services are enabling people to collaborate with one another, and provide the tools they need to stay productive, enhance accessibility and create a mobile friendly environment while working remotely. While there has … [Read more...]

DevOps Secrets Vault and Dynamic Secrets in the Cloud

Back in July of 2019, Thycotic released DevOps Secrets Vault, a high-velocity vault for high-speed password and secret creation, archiving, and retrieval. Each month we roll out improvements to this cloud-based tool. In 2020, we’ve been focused on adding dynamic secrets for key cloud platforms. For infrastructure-as-a-service platforms dynamic secrets in DevOps Secrets Vault offer another layer … [Read more...]

The Landscape of PAM is Changing – Customers Want Mobile PAM

At Thycotic, we’re watching the landscape of our customers’ privileged access management needs evolve. PAM can no longer be simply a web application hosted on premise; our customers are telling us they need flexible deployment and access options. More day-to-day business operations need access to data, applications, and platforms Organizations are also acknowledging that PAM protection and … [Read more...]

A week in security (April 27 – May 3)

Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an organization to consider their “just in time” (JIT) system, speculated on why the threat actors behind the Troldesh ransomware suddenly released thousands of decryption keys, preached the good news about VPN being mainstream, touched on the relationship between cybercrime and a … [Read more...]

Cloud data protection: how to secure what you store in the cloud

The cloud has become the standard for data storage. Just a few years ago, individuals and businesses pondered whether or not they should move to the cloud. This is now a question of the past. Today, the question isn’t whether to adopt cloud storage but rather how. Despite its rapid pace of adoption, there are some lingering concerns around cloud storage. Perhaps the most persistent issue … [Read more...]