Thycotic Events & Webinars
PAM for IoT – Internet of Things
Thursday, March 30 | 10:00 AM EST
Is your organization ready to adopt IoT? While IoT may offer significant benefits, including cost savings and efficiencies, there are several security concerns that are keeping CSO’s up at night.
Join Thycotic in understanding how Privileged Account Management can add an additional layer of security to help control, monitor and secure IoT devices. You will learn how businesses can readily authenticate all connected IoT devices on your network by:
• Creating a comprehensive IoT management plan for accountability
• Adopting IoT and PAM best practices in your organization
Overcoming the Insider Threat: A government agency’s greatest security vulnerability
Thursday, April 6 | 11:00 AM ET
Detecting insider threats is one of biggest cybersecurity challenges for any organization, and preventing insider abuse remains one of the top cybersecurity issues identified by the National Counterintelligence and Security Center (NCSC). Government data is a special target because of its value to a wide variety of interested parties including non-friendly states, media, corporations, financial institutions or other groups that would use the data for competitive advantage, financial gain or political leverage.
Join Thycotic security expert and product manager, Ben Yoder as he explains the who, what, when, where, and why of insider threats including:
- Threat actor motivators
- How malicious insiders gain access to the “keys to the kingdom”
- How to protect your agency’s critical data from insider abuse
All registrants will receive a free copy of “PAM Solutions for Federal Agencies” solution brief.
Privileged Behavioral Analytics – Real-time security insights based on real-world scenarios
Thursday, April 20 | 11:00 AM ET
Up to 80% of cyber security breaches from hacker attacks or abuse by malicious insiders involve user and privileged account credentials that are compromised and can go undetected for months.
Discovering the early warnings of privileged account compromise or misuse as it can mean the difference between a contained incursion and a cyber security catastrophe.
Join Thycotic’s product marketing manager RJ Gazarak, as hedemonstrates how to proactively detect breaches and prevent data theft with Thycotic’s Privileged Behavior Analytics solution that provides:
- Real-time graphical views of privileged accounts and access patterns for individuals across your enterprise
- Early warning alerts of potential account compromise by hackers or malicious insiders
- A comprehensive view of your privileged account user environment
All registrants will receive a free white paper: “How to instantly see privileged account compromise or abuse”
Join Thycotic for one of our weekly demos
Minimizing Help Desk calls can save significant amounts of time and money. Learn how Thycotic self-service password reset tool for end-users can simplify your password management. By allowing employees to reset their forgotten Active Directory passwords directly from the web or Windows login screen, Password Reset Server can drastically cut Help Desk calls and reduce costs.
We will demonstrate how Password Reset Server can work for you including:
• How to implement an end-user password reset solution and receive buy-in
• Review Password Reset Server security controls and auditing capabilities
• Key ways to improve your organization’s efficiency and bottom line
5 Free PAM Tools Cybersecurity Professionals Live For
Get a quick overview of the latest cyber security tools that can help transform your PAM security program. You will save time and money while improving the protection of your privileged account passwords with these Free PAM security tools and training:
- Secret Server Free – The fastest to deploy, easiest to use privileged access password security solution in a free edition.
- Password Security Policy Template – Privileged account password security policy templates ready to customize, and help demonstrate compliance.
- Windows Endpoint Application Discovery Tool- Identifies the riskiest applications running in your environment with reports that help you evaluate their potential risks.
- Windows and Unix Privileged Account Discovery Tool – Saves you hours of effort in locating unknown and therefore unprotected privileged accounts.
- Privileged Password Security Certification Training – One hour, online Privileged Password Security Training teaches you the basics of privileged account security.
Using Excel to store privileged account passwords? You’ve probably already been breached.
Many organizations and IT Administrators still use Excel spreadsheets to store passwords in privileged accounts and share them between key staff members so they can gain access to important and critical systems. Yet this entrenched practice of storing sensitive passwords and credentials in a spreadsheet is a major security risk and should be avoided at all costs. In fact, your systems may already have been breached with this practice and you don’t even know it.
Join Thycotic Product Manager, Joseph Carson, as he highlights why and how you should eliminate the unnecessary risks around using Excel to manage privileged passwords including:
• Why Excel was never intended to be a Password Management Solution
• The lack of built-in security with spreadsheets
• Excel risks for data loss, security updates and transportability
• How you can eliminate these risks with automated PAM solutions
Everyone registered will receive a free white paper describing the risks with using Excel and how to eliminate them.
The Shortfall in Privileged Account Security – and what organizations can do about it
According to the 2016 Verizon Data Breach Report, 63% of confirmed data breaches involved leveraging weak, default or stolen passwords.
Thycotic a provider of privileged account management solutions for 7,500+ organizations worldwide, in conjunction with Cybersecurity Ventures, a research, and market intelligence firm, launched a ground-breaking online Privileged Password Vulnerability Benchmark survey taken by 600+ organization from around the globe to learn why 63% of the data breaches involved privileged accounts.
We found that 52% of the companies who participated in the benchmark survey received a failing grade on the enforcement of privileged credential controls.
Join Thycotic in a 45-minute educational training session that reveals the specific shortcomings in the current state of privileged account security and provides recommendations for how to address the most common failures.
Protecting ALL the Privileged Accounts in Your Environment and the Cloud
You can’t protect what you don’t know exists. So before you launch into a privileged account lockdown project you need to start with really understanding how many such accounts exist. Most of the time organizations significantly underestimate.
Administrator on Windows and root on Linux are just the beginning. Let’s think about a web application farm running some off the shelf software package. Let’s say there are 3 web servers and 2 database servers. One OS root/admin account per system is a given. Next there’s the DB super user account such as “sa” on SQL Server. Next, if the application is running on Windows/IIS there are
-Service accounts for the DB
-Service accounts for the application
-Accounts used by the application to access the database
And don’t forget the hardware level accounts used for logging on to the motherboard itself for remote maintenance and control.
All of these should be considered privilege accounts. That brings me to another issue we’ll discuss in this real training for free ™ event: how do you define privileged accounts. That’s really a pre-requisite to get resolved before you even try to discover privileged accounts.
These are just the built-in / system-required accounts for the application. On top of that are other accounts for system management and actual human IT staff. Privileged users should include more than just accounts with full admin or root authority. Other users may be less privileged but are still privileged. This would include perhaps helpdesk staff with password reset authority or operations folks who have backup authority.
It turns out that there are probably event people, outside of IT, in your user departments that should be considered privileged accounts and subject to similar safeguards.
But you can’t stop at the network. Cloud apps and services have privileged accounts too and there’s no difference in the security requirements. In fact I know of a technology startup that completely went out of business when their AWS admin portal was hacked.
In this webinar we will look at methods and tools for helping you systematically catalog and maintain all the privileged accounts in your organization – whether on prem or in the cloud. And we’ll give you a list of criteria to choose from in defining what “privileged” means for your organization.
We’ll show you some free tools including:
-Windows Privileged Account Discovery
-Unix/Linux Privileged Account Discovery
Best security tip you’ll get this year: Limit user privileges
85% of reported breaches involve compromised endpoints according to SANS. Traditional Antivirus and Anti-malware blacklisting can’t keep up with new and advanced threats targeting desktops, laptops and servers.
Join Product Manager, Joseph Carson as he describes how you can lock down endpoints and control application permissions and access with least privilege policies using new Privilege Manager for Windows from Thycotic. You’ll learn how easy and effective it can be to implement a least privilege access policy with an easy, simple and affordable solution: Privilege Manager for Windows and Unix from Thycotic.