
Why Sweeping ID Clean-Up Under the Rug is Not a Best Practice November 12, 2013

Posted in: Uncategorized

Maintaining a single user ID is a recommended best practice across the computer industry. The reason: a computer doesn’t actually know what a human is. What it understands is a number, one that gets associated with a human. Sometimes when computers interact, ownership follows the number, not the human. Network File Shares is a [...]


Centralized SSH Key Distribution: Making the Use of SSH Efficient and Secure October 16, 2013

Posted in: Uncategorized

Has your organization avoided use of Secure Shell (SSH) Single Sign-on based on security concerns? Many organizations are unable to effectively secure and share SSH keys. Efficiently performing cyclical refreshing of keys to be consistent with password policies is also a problem. Because of these challenges, many organizations have chosen to avoid the use of [...]


Your network is already penetrated – new thinking about defence in depth (and the problem with proxys) June 19, 2013

Posted in: Privileged Access Management

It’s been a disturbing few weeks for security professionals. We have been informed by the news for months that Western military, power, oil & gas, logistics, retail and financial companies have been under attack (http://www.techpolitik.com/2013/05/25/iran-hacker/). It’s quite probable networks have already been breached. State funded hacker teams are already walking those companies’ networks, trying [...]


Unified Access Management & Governance: Is It Possible? May 28, 2013

Posted in: Privileged Access Management

Most organizations are using a variety of solutions to secure access to their various systems including sudo, AD bridging, password vaulting, first generation privileged management systems, SSO, credentials management and more. As well, organizations may also utilize other “after the fact” solutions to record, monitor and audit system access. This hodge-podge approach creates security gaps, [...]


Do you really have control over who is accessing your Windows Network File Shares? April 2, 2013

Posted in: Uncategorized

With Active Directory (AD) and Windows Servers in the corporate network, it is easy to set up shared network folders for users within the network to centrally share and store files. Access to Windows Network File Shares, also known as Netshares, can be limited by using standard AD policies. In large enterprise environments you are [...]


Internal Firewalls: How to Minimize the Impact of CyberCrime March 29, 2013

Posted in: Uncategorized

A couple of blogs ago, I discussed how, when an outsider becomes an insider due to an advanced cyber-attack, it is critical to maintain many layers of defense inside the perimeter of an enterprise. If you talk to any fire department in the country or a fire safety officer for an enterprise, they would [...]


Malicious Insider Attacks Increase 66%: Are You Prepared? November 20, 2012

Posted in: Uncategorized

The Ponemon Institute recently published a research paper sponsored by HP Enterprise Security titled “2012 Cost of Cyber Crime Study: United States”. The study was both thorough and insightful. Interestingly, among the most costly cybercrimes cited in the study are denial of service, malicious insiders and web-based attacks. As much as the malicious [...]


Cyber-Attacks from the Outside In and Inside Out October 18, 2012

Posted in: Privileged Access Management

In a recent article in the New York Times, Leon Panetta, the Secretary of Defense of the United States, expressed deep concerns about Cyber-Attacks from nation states or other entities who want to disrupt critical infrastructural services and steal sensitive information. Such attacks could be a declaration of war among nation states with all the [...]


The Elephant in the Security Room: Controlling Local Windows Accounts September 25, 2012

Posted in: Privileged Access Management

Many applications installed on Windows Servers or Desktops require local accounts. Sometimes these accounts are manually created by the person installing the application or are automatically created by the application at the time of installation. The result is a local Administrator account that resides only on that specific server or desktop. As multiple applications are [...]


All Privileged Access Management Solutions Are Not Equal June 26, 2012

Posted in: IAM, Privileged Access Management

The Identity and Access Management market is strewn with many vendors who claim to provide Privileged Access Management Solutions. The question is whether these solutions can meet the needs of the market. So let us benchmark what the market is looking for in terms of securing their IT environments from insiders who are privileged [...]
