+1-202-802-9399 (US)

Thycotic’s CyberSecurity Publication

POPULAR CATEGORIES

Filter by Tags: 

Articles in the ‘Best Practices’ Category

Cyber Security Incident Response and Reporting Process

March 19th, 2019

Ever since we launched our customizable cyber security incident response template, I’ve been amazed by its volume of downloads. I quickly realized that the increasing cyber threats from criminal hackers, malware and ransomware is starting to be taken seriously by organizations large and small, and that there is a growing demand for guidance and information…


New Hire Onboarding Checklist: A CISO’s Perspective

March 12th, 2019

When a new employee enters an organization there are various behind-the-scene activities that must take place to ensure the new hire an efficient onboarding experience. Many are administrative in nature and are taken care of by HR. But then there are those related to cyber security—and they are far too often overlooked. As a security…


Complete Guide to leveraging Session Recording to Improve Accountability and Meet PCI Compliance

March 5th, 2019

You’ve set up policies. You’ve trained your team. You’ve vetted third parties. But, even the most proactive privilege security strategy can’t account for every situation and every type of risky behavior.   Today many Thycotic customers rely on session recording and monitoring capabilities for added peace of mind. If any privileged user adds a backdoor account or makes an unauthorized configuration change,…


Actions CISOs Must Take to Overcome Negative Perceptions

February 12th, 2019

Chief Information Security Officers (CISOs) shoulder tremendous responsibility. They’re ultimately responsible for their company’s cyber security posture. At the same time, the security decisions they make also impact core business metrics such as productivity, cost savings, revenue growth, and brand perception. The world of today’s CISOs is a balancing act. On one hand, they are…


Up, up and to the Clouds: Cloud Computing 101

January 22nd, 2019

The cloud has always been this mysterious place—many companies embraced it and put everything they could into the cloud, while others watched cautiously from a distance, wondering whether they should do the same. Before taking you on the journey to the cloud, let’s answer the question “What is the cloud, exactly?” Clearly, it’s been a…


The Future of Passwords and Password Management in the Enterprise

January 1st, 2019

Passwords have been around for decades now, and they aren’t going away any time soon. And yet, password security best practices have been ignored by many. Too many people and companies are careless with password management, even though they know that a single password in the wrong hands can lead to disastrous consequences. Tempted to…


Least Privilege Access Control Uncovered

November 20th, 2018

Before I describe the behaviors that make least privilege access control a critical component of your organization’s PAM strategy, let’s clearly define the Principle of Least Privilege (PoLP). The principle of least privilege calls for granting only the minimum permissions required by an end-user, application, service, task or system to perform the jobs they have…


Back to the Basics: Service Account Management 101

November 8th, 2018

Service accounts don’t have to be a nightmare. Get in control now.  Service accounts are typically used in operating systems to execute applications or run programs, either in the context of system accounts (high privileged accounts without any password) or a specific user account, usually created manually or during software installation.  On Unix and Linux…


5 Spooky Privilege Security Mistakes that Will Haunt Your Organization

October 30th, 2018

It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim. Your risk of cyber-attack exponentially increases if you’ve made…


(SSH) Keys to Unix Security

October 9th, 2018

Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly…