Thycotic will be closed Thursday and Friday, Nov. 26th and 27th for the Thanksgiving holiday. More info »

  • 17 FEB 15

Large Organization Employee Threat Assessment

Despite the popular image of the hacker cracking distant servers from his basement, studies show that people with legitimate access to your information pose an even bigger threat. And when information is stolen from within, it’s often harder to trace and determine the extent of the problem. The larger your organization, the more is the

  • 10 FEB 15

Universities under Attack—Securing student, faculty, and staff’s personal information

Understanding the Size of the Education Industry Sometimes, businesses find out about a data breach the hard way – this was the case for Butler University in May 2013. Police investigating a case of identity theft in California discovered a flash drive on one of their suspects that contained the personally identifiable information (PII) of

  • 03 FEB 15

2015: When Things Get Serious

Let’s start looking at the future of the IT Security landscape by reviewing the past. I made some predictions last year for InfoSec Institute. The article started off with a clever disclaimer that all subjects in the IT Security world are new and are still pioneering in their fields, so that anything can happen within

  • 20 JAN 15

Find out what’s new in Thycotic Secret Server 8.8! (Hint, it’s got some pretty cool new security features)

Thycotic Secret Server 8.8 is coming out later this month. Check out some of its new features. HSM INTEGRATON FOR ADDED SECURITY Are you a user of a hardware security module (HSM) who wishes you could integrate it with Secret Server to protect your encryption.config file? It’s your lucky day, because Secret Server 8.8 supports

  • 14 JAN 15

The First Line of Defense – Passwords

The IT security stakes are high for the healthcare industry – HIPAA violations and fines, criminal charges, and tainted brand reputations make up the fates of healthcare organizations that fail to protect patient data both from the inside and out. Why Healthcare is Being Targeted A large number of personally identifiable information (PII) is stored

  • 23 DEC 14

Lessons from the Sony Hack: Prioritize Privileged Account Management

CNN recently reveled the methodology of the cyber attack that allowed anonymous cybercriminals Guardians of Peace direct access to their network, or the “keys to the entire building,” as one Sony Pictures Entertainment official stated. According to investigators, the attack was carried out through a set of stolen system administrator credentials; a privileged account username and

  • 09 DEC 14

When the Trusted Go Rogue, and How They (almost) Got Away With It

Jason Cornish, a former IT admin, successfully took down 88 servers of a major pharmaceutical corporation for the comfort of a fast food joint. The breach cost the company over $800,000 and caused the entire US office to shut down for three days. Unfortunately for all companies, insider threat is very hard to detect. According

  • 02 DEC 14


With data breaches on the rise, more evidence is constantly being discovered to support the link between privileged accounts in organizations and network breaches. Thycotic and IANS recently conducted a survey of 100 experienced security and IT operations professionals regarding their recent data breaches and privileged account misuse, and the results show there is indeed

  • 04 NOV 14

Access Control: Models and Methods

By: Stuart Gentry, an InfoSec Institute contributor and computer security enthusiast/researcher. There are times when people need access to information, such as documents, slides, etc., on a network drive but don’t have the appropriate level of access to read and/or modify the item. This can happen at the most inconvenient time and they would need

  • 28 OCT 14

Haunting Tale: Beware of the Insider

We all love October for the fall nights, changing leaves, hot cider and Halloween festivities. October is also National Cyber Security Awareness Month suported by the National Cyber Security Alliance. Although we preach cyber security best practices all year, it’s an important reminder to stay safe online. In support of National Cyber Security Awareness Month