dcsimg

SSH proxies vs. jump hosts—how to save time and spend less

Security practices are constantly evolving. What might have been considered a state-of-the-art approach ten or even five years ago is no longer defined as a best practice.     In the case of securing Remote Desktop Protocol (RDP), PAM practices have followed this pattern of evolution. What was once a common way of securing RDP—jump hosts—is still a valid approach some companies prefer. However, … [Read more...]

Trick or Treat? Stay safe during National Cybersecurity Awareness Month in October, and beyond

Ah, October! Summer has officially come to an end and we’ve quickly moved on to jumpers, football, and pumpkin everything. October is also National Cybersecurity Awareness Month. The theme for 2019 is “Own IT. Protect IT. Secure IT.”  But it needn’t be scary, and the tricks or treats you get at the end of the month should be the fun and entertaining variety—not something that poses a risk to … [Read more...]

Can PAM and Zero Trust Coexist?

What is Zero Trust and why was it introduced? The concept of Zero Trust isn’t new; the term was coined by Forrester back in 2010 and was initially synonymous with a network security approach known as micro-segmentation. Micro-segmentation is a way to create secure zones in data centers and cloud deployments that allow you to isolate workloads and protect them individually. This approach is … [Read more...]

How to Find Your Best Match Among Privileged Access Management Vendors

So, you want to bring on a Privileged Access Management (PAM) solution and you’re either selecting a vendor for the first time, or you may be “upgrading” from a typical password manager software product.  In any case, you’re probably looking for several PAM capabilities, as well as how best to deploy your proposed PAM solution: on premise or PAM in the cloud. Even small businesses are recognizing … [Read more...]

Take Control of Secrets in Your DevOps Environment

DevOps has emerged as a key practice to maintain speed and innovation where technology and software development drives business. Now, at least half of IT organizations are using DevOps, accelerating their ability to release new code to accommodate ever more competitive market demands. The aim is to improve speed while simultaneously reducing chances of defects and conflicts To further accelerate … [Read more...]

Your city does not have to be a victim of ransomware

These cities have a common foe. Albany, New York; Baltimore, Maryland; Orange County, N.C.; Sammamish, Wash; Atlanta, GA They have all been subject to Ransomware attacks in the past 12 months. The most recent victim being Baltimore, MD which has been the target of ransomware twice in the past year. According to the 2019 Verizon Data Breach Investigations Report, Ransomware remains a major threat … [Read more...]

Thycotic SCIM Connector for Integrations with Secret Server

Today, many organizations have both privileged account management (PAM) and identity governance solutions that operate independently. As a result, organizations lack the ability to have a unified view of identities. As we discussed in “Top PAM Technology Integrations,” while PAM secures access to key system and admin accounts, integration with Identity & Access Management (IAM) and Identity … [Read more...]

Fast, Faster, Fastest: Speed Requirements for Your Password Vault

You’re facing unprecedented pressure to deliver higher levels of service and improve speed to market. At the same time, you need enterprise-wide visibility and control to reduce risk. Do you need a high-speed password vault to protect privileged accounts? If so, how fast is fast enough? These are the questions we’ve been asking to develop the best PAM solutions for your needs: 1. Will only humans … [Read more...]

6 PAM Technology Integrations That Should Be On Every PAM Admin’s To-Do List

Mastering the art and science of integrating other technologies with PAM solutions to enable maximum cyber security visibility and efficiency is no small task. Start from the premise that PAM controls work best when they are integrated with other IT and cyber security tools.  With tight integration, the IT Admin with an advanced level of knowledge can help his or her organization gain better … [Read more...]

World Password Day 2019: The 6 Worst Password Fails

We’ve covered a lot of password security tips and ways to secure your credentials on The Lockdown. This year, on World Password Day, we thought we’d do things a bit differently and share some of the worst password fails this past year.  While these organizations and individuals may not appreciate the extra attention, these password fails all drive awareness and serve as a reminder to improve your … [Read more...]