+1-202-802-9399 (US)

Thycotic’s CyberSecurity Publication

POPULAR CATEGORIES

Filter by Tags: 

Articles in the ‘Best Practices’ Category

The Future of Passwords and Password Management in the Enterprise

January 1st, 2019

Passwords have been around for decades now, and they aren’t going away any time soon. And yet, password security best practices have been ignored by many. Too many people and companies are careless with password management, even though they know that a single password in the wrong hands can lead to disastrous consequences. Tempted to…


Least Privilege Uncovered

November 20th, 2018

Organizations around the world are challenged by an ever-growing cyber threat landscape and are experiencing serious cyber fatigue. Their employees are dealing with constant information overload about cyber attacks, ransomware, identity theft and phishing scams. Employees are exposed to risky behavior For years, employees across all departments in most organizations have habitually practiced risky behavior,…


Back to the Basics: Service Account Management 101

November 8th, 2018

Service accounts don’t have to be a nightmare. Get in control now.  Service accounts are typically used in operating systems to execute applications or run programs, either in the context of system accounts (high privileged accounts without any password) or a specific user account, usually created manually or during software installation.  On Unix and Linux…


5 Spooky Privilege Security Mistakes that Will Haunt Your Organization

October 30th, 2018

It’s a dark and stormy night. Suddenly your system locks up. Then you get a message, demanding online payment to release your sensitive data back to you. Unfortunately, this isn’t a Halloween prank. Ransomware is on the rise and organizations of all types are falling victim. Your risk of cyber-attack exponentially increases if you’ve made…


(SSH) Keys to Unix Security

October 9th, 2018

Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly…


Ostriches, Zero Day Exploits, and the Elusive CyberSec Expert: Why SMBs Should Implement Cloud-Based PAM

October 2nd, 2018

Small and medium-sized businesses (SMBs) face a cyber security trifecta. Cyber criminals are increasingly targeting the most vulnerable businesses (not just the biggest fish). Sophisticated attackers quickly take advantage of newly revealed vulnerabilities. And, cyber security professionals are in short supply. Maybe SMBs aren’t aware that they can use the same types of security systems…


Incident Response Plan: Are You Breach-Ready?

August 28th, 2018

It’s no longer rare to see cyber-attacks in the daily news. From ransomware to data breaches to DDoS (Distributed Denial of Service) attacks, the incident is usually attributed to either cyber criminals or nation states, and almost always comes from beyond our own country’s borders and laws. Because of this, we worry about clicking on…


Back to the Basics: The problem with forcing regular password expiry

August 21st, 2018

For many people and organizations around the world a single password is sometimes the only security control protecting their sensitive information, access to email and even their bank account. The traditional password best practice was to create a long, complex password that only you would know, and it protected one or two accounts; you likely…


Privileged Account Management and Identity Access Management: Same Family, Different Strengths

August 14th, 2018

From a cyber criminal’s point of view, obtaining privileged account information has the highest ROI of any attack strategy. A malicious actor with privileged account passwords in hand could infiltrate key databases and access highly sensitive data. To obtain this information, attackers use increasingly sophisticated tools and social engineering techniques which are extremely difficult for…


The EU GDPR is now in effect. What has happened so far?

June 26th, 2018

Finally, the time has come. May 25th 2018 is now in the past, and the EU GDPR has come into effect after a two-year transition period. The earth is still rotating, the internet still kind of works. So what has happened, and have any lessons been learned yet? EU GDPR and Data Privacy Email SPAM…