Businesses Need To Adopt A Zero-Trust Approach To Stay Secure While Working Remotely

*Disclaimer: This article originally appeared on Forbes.

With COVID-19 forcing organizations of all sizes to shift employees to remote work, some may be concerned their company’s cybersecurity measures are inadequate. Though COVID-19 is the most drastic recent example of necessitating working from home, it certainly won’t be the last.

Read More

Evolving Your Organization’s Access Management Capabilities with the Identity and Access Management Maturity Model, Part Two

Access Management (AM) is a critical area in any cybersecurity strategy that refers to how identities are applied to the data and resources in an organization’s environment, ensuring users have the correct access to the appropriate systems, resources, and applications.

Read More

Capital One Data Breach Recap: Keep Your Organization Ahead of the Curve With IAM

March 23, 2019 seemed like any other Monday at Capital One headquarters. Little did employees and customers know that, over the weekend, a hacker had successfully breached Capital One’s security defenses. 

As a result, more than 140,000 Social Security Numbers, 1 million Canadian Social Insurance numbers, and over 80,000 pieces of banking and credit information were stolen, along with an undisclosed number of names, addresses, credit scores, and more. 

Read More

Evolving Your Organization’s Access Management Capabilities with the Identity and Access Management Maturity Model, Part One

Access Management (AM), Identity Management, Identity and Access Management (IAM), and Privileged Access Management (PAM): while these terms use similar language and act to strengthen an organization’s security posture, they each have separate and distinct meanings. 

Read More

The 6 Business Systems You Should Be Protecting with Privileged Access Management, Part 2

Your organization likely realizes the unfettered access that traditional IT privileged accounts provide and has taken proactive steps to lock down access to these accounts. But what about critical business systems that offer the ability to cause reputational damage or that provide access to monetizable data, such as protected health information (PHI), credit card numbers, and social security numbers?

Read More

The 6 Business Systems You Should Be Protecting with Privileged Access Management, Part 1

Traditionally, privileged accounts are IT-based and have special active directory (AD) attributes. IT administrators use them to log into servers, switches, routers, and applications and perform tasks without restriction.

Legacy security systems focus on protecting these AD privileged accounts, and with good reason: Once obtained by hackers, the accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and back doors that are not easily seen.

Read More

Privileged Account Management is More Than Just Protecting IT Admin Accounts

There have been a slew of major data breaches in recent years. The number of records exposed in data breaches last year alone reached 174.4 million—close to five times the 36.6 million records exposed in 2016, according to the Identity Theft Resource Center.

Read More

The Problem with Legacy IAM Systems and Third-Party Access

Despite the risks associated with remote third-party access and the ongoing slew of data breaches resulting from third-party breaches, outsourcing isn’t going away anytime soon. On the contrary, IT outsourcing will be a $335 billion industry by 2019, according to Gartner. The benefits to business productivity, efficiency, and collaboration are simply too great, and modern enterprises can’t compete without opening up their infrastructures and data.

Read More

Privileged Access Management vs. Privileged User Management

The majority of major data breaches in recent years have resulted from hackers gaining access to unmanaged and unprotected privileged accounts and credentials.

Privileged and services accounts are a significant risk because of the access they provide the user with access to an organization’s systems and data. These accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and backdoors that are not easily seen.

Read More

Identity Management Best Practices: Start with the Basics

Another year, another Verizon Data Breach Investigations Report (DBIR), another depressing look into the state of global cybersecurity preparedness.  

Read More

Subscribe Here!