
Thycotic’s CyberSecurity Publication


Posts Tagged ‘Compliance’

Complete Guide to leveraging Session Recording to Improve Accountability and Meet PCI Compliance

March 5th, 2019

You’ve set up policies. You’ve trained your team. You’ve vetted third parties. But, even the most proactive privilege security strategy can’t account for every situation and every type of risky behavior. Today many Thycotic customers rely on session recording and monitoring capabilities for added peace of mind. If any privileged user adds a backdoor account or makes an unauthorized configuration change,…


Privileged Access Management Compliance Through the Eyes of an Auditor

January 8th, 2019

Compliance audits are a stressful, time-consuming effort for many companies. In the Lockdown blog, we often talk about the tools and processes customers use to prepare for both internal and external information security audits. This time we thought we’d turn the tables and speak directly to an auditor to hear his perspective. In this post, auditor…


How to get your entire company on board with Privileged Access Management

November 13th, 2018

Maybe you’ve recently failed an audit, or you can’t stand yet another password being uploaded to your IT team’s risky, shared Excel doc. For whatever reason you are here, you are ready to tackle Privileged Access Management head on. But hold on, you may have a few hurdles you have to overcome first. Before you…


The EU GDPR Checklist: It’s go time!

March 13th, 2018

Yes, you’ve all heard about it. Many companies have been raising the alarm and increasing awareness about GDPR—General Data Protection Regulation—for months now, all offering solutions for anything at all to do with GDPR. It’s caused a lot of confusion, raised many questions—and organizations have no idea where to start. Many assume they are excluded…


NYS DFS 23 NYCRR PART 500: What is it and when is the compliance deadline?

November 9th, 2017

What is DFS 23 NYCRR PART 500? 23 NYCRR PART 500 is a regulation that establishes cybersecurity requirements for financial services companies. The concept of cybersecurity is nothing new, and regulations or compliance mandates around cybersecurity are nothing new either.  At its core, cybersecurity is all about protecting your organization’s data and network from malicious…


Top 5 privileged account security reports CISOs must have: What is the status of your privileged account password policy compliance?

August 28th, 2017

Do you know an IT security professional who would NOT want an at-a-glance view of all the credentials being managed by their privileged account management tool, and absolute assurance that they adhere to the organization’s assigned policy requirements? I think not. In this exclusive 5-part Thycotic educational series we outline the privileged account security reports…


Demystifying the EU General Data Protection Regulation – Let’s BUST the Myths

July 10th, 2017

Yes, you’ve all heard about it. Many companies have been raising the alarm about GDPR for months now, all offering protection and silver bullets to solve anything and everything to do with GDPR—all you have to do is install this one box. Right! It’s caused a lot of confusion and many questions, and organizations have…


FERPA tells you what, but not how: The first step to being compliant today

April 26th, 2017

In the 1970s the US Government introduced the Family Education Rights and Privacy Act (FERPA).  In short, the act provides guidelines and regulations for when and how an academic institute can share student/parent records with those record owners and 3rd parties.  Much like other regulations (such as HIPAA and PCI), technology continues to have a…


How to meet FISMA Compliance in 9 Steps

November 16th, 2016

Who must meet FISMA compliance, and how do you do it? To protect classified data and mission-critical government systems from cyber attack, the Federal Information Security Management Act (FISMA) mandates that federal agencies (as well as contractors that wish to do business with the federal government) develop, document, and implement a cyber security program. If…


Privileged Passwords and PCI-Compliance

June 2nd, 2016

Guest post from Alpha Generation, a Thycotic certified partner who specializes in IT distribution with a focus on proactive security in the UK. Anyone that handles payment card data is affected, so most of us have heard of the Payment Card Industry Data Security Standard (PCI-DSS). It establishes key expectations for protecting cardholder data, whether you’re handling…