+1-202-802-9399 (US)

Thycotic’s CyberSecurity Publication

POPULAR CATEGORIES

Filter by Tags: 

Articles in the ‘Best Practices’ Category

Back to the Basics: Service Account Management 101

November 8th, 2018

Service accounts don’t have to be a nightmare. Get in control now.  Service accounts are typically used in operating systems to execute applications or run programs, either in the context of system accounts (high privileged accounts without any password) or a specific user account, usually created manually or during software installation.  On Unix and Linux…


5 Spooky Privilege Security Mistakes that Will Haunt Your Organization

October 30th, 2018

It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim. Your risk of cyber-attack exponentially increases if you’ve made…


(SSH) Keys to Unix Security

October 9th, 2018

Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly…


Ostriches, Zero Day Exploits, and the Elusive CyberSec Expert: Why SMBs Should Implement Cloud-Based PAM

October 2nd, 2018

Small and medium-sized businesses (SMBs) face a cyber security trifecta. Cyber criminals are increasingly targeting the most vulnerable businesses (not just the biggest fish). Sophisticated attackers quickly take advantage of newly revealed vulnerabilities. And, cyber security professionals are in short supply. Maybe SMBs aren’t aware that they can use the same types of security systems…


Incident Response: Are You Breach-Ready?

August 28th, 2018

It’s no longer rare to see cyber-attacks in the daily news. From ransomware to data breaches to DDoS (Distributed Denial of Service) attacks, the incident is usually attributed to either cyber criminals or nation states, and almost always comes from beyond our own country’s borders and laws. Because of this, we worry about clicking on…


Back to the Basics: The problem with forcing regular password expiry

August 21st, 2018

For many people and organizations around the world a single password is sometimes the only security control protecting their sensitive information, access to email and even their bank account. The traditional password best practice was to create a long, complex password that only you would know, and it protected one or two accounts; you likely…


Privileged Account Management and Identity Access Management: Same Family, Different Strengths

August 14th, 2018

From a cyber criminal’s point of view, obtaining privileged account information has the highest ROI of any attack strategy. A malicious actor with privileged account passwords in hand could infiltrate key databases and access highly sensitive data. To obtain this information, attackers use increasingly sophisticated tools and social engineering techniques which are extremely difficult for…


The EU GDPR is now in effect. What has happened so far?

June 26th, 2018

Finally, the time has come. May 25th 2018 is now in the past, and the EU GDPR has come into effect after a two-year transition period. The earth is still rotating, the internet still kind of works. So what has happened, and have any lessons been learned yet? EU GDPR and Data Privacy Email SPAM…


Gartner: Privileged Access Management is the #1 Cyber Security Priority for 2018

June 11th, 2018

A recent report from Gartner reveals the top IT Security Projects for 2018 with Privileged Access Management as #1, Application Control #4 and Protecting Endpoints #6. Before we get into why Privileged Access Management (PAM) is the #1 Cyber Security Priority in 2018, let’s take a quick look at what lead up to this change…


2018 Cyber Security Breaches: Client Concerns, Opportunities for Solution Providers

May 29th, 2018

Cyber-criminal groups have an extensive arsenal of surveillance and research methodologies they use to search for even the smallest of vulnerabilities in your cyber security protections—vulnerabilities that enable them to infiltrate your organization, gather intelligence and access your systems. Thycotic’s 2018 Global Channel Partner Survey Report indicates that these cyber-criminals are largely successful. If your…