Thycotic Telephone Number +1-202-802-9399 (US)

Thycotic’s CyberSecurity Publication

POPULAR CATEGORIES

Filter by Tags: 

Posts Tagged ‘PAM Basics’

Privileged Access Management Best Practices

September 24th, 2019

For the past two years, Gartner has named privileged access management (PAM) the top IT security priority. Privileged account credentials for domain admins, service, application, and root accounts are valuable targets. When attackers gain these credentials, they can exploit your most sensitive information and critical systems. Privileged access gives them power to alter data, change…


Before the Breach: Leveraging PAM and VPAM solutions to protect privileged credentials

August 27th, 2019

This is a guest blog written by Tony Howlett, CISO at SecureLink. Tony is a published author and speaker on various security, compliance, and technology topics. He also serves as President of (ISC)2 Austin Chapter and is an Advisory Board Member of GIAC/SANS. CISOs and their security teams have an impossible task; they must predict…


Service Account Governance: Reduce your attack surface with Account Lifecycle Manager

August 20th, 2019

Service accounts abound in every organization. Failure to manage them leads to significant risk. This has been a critical issue for organizations that use Active Directory and have grown to a level that accounts can no longer be managed by hand. Almost all medium to large organizations suffer from extreme service account sprawl, perpetuating the…


Building a PAM business case: cost-justifying privileged access management projects

August 13th, 2019

Most IT or security projects require a formal approval process, and that often includes a written business case. An IT business case document can vary from a simple one-page write-up to a full-blown justification paper with detailed cost and return-on-investment calculations. Many organizations have standard business case templates, but here’s what type of information a…


How to Find Your Best Match Among Privileged Access Management Vendors

August 6th, 2019

So, you want to bring on a PAM solution and you’re either selecting a Privileged Access Management vendor for the first time, or you may be “upgrading” from a typical password manager software product.  In any case, you’re probably looking for several PAM capabilities, as well as how best to deploy your proposed PAM solution:…


You break it, you buy it: Fear of unknown dependencies hinders service account governance

July 16th, 2019

Thousands of services run on a typical corporate network. They include multiple services which are core to network security, network services, and IT automation, such as Windows services, scheduled tasks, batch jobs, application pools within IIS, and more. To connect automatically across a network to databases, file systems, and network services, these services rely on…


Protect Your Privileged Credentials with WebAuthn

June 25th, 2019

85% of organizations fail to achieve basic PAM capabilities according to Thycotic’s 2019 State of Privileged Access Management (PAM) Maturity Report.  This is due in large part to poor security hygiene. It’s essential that organizations deploy proper security precautions to ensure privileged user accounts are not vulnerable or even already compromised. Organizations still struggle with…


World Password Day 2019: The 6 Worst Password Fails

April 30th, 2019

We’ve covered a lot of password security tips and ways to secure your credentials on The Lockdown. For World Password Day 2019 we thought we’d do things a bit differently and share some of the worst password fails this past year.  While these organizations and individuals may not appreciate the extra attention, these password fails…


How to Remove Admin Rights Without Reducing Productivity

April 9th, 2019

This is a guide to the risks associated with admin rights and over-privileged users, and how to remove admin rights in order to reduce those risks.  There are many options for removing administrator rights, however you must always consider business operation—removing admin rights should never jeopardize productivity.  Why do organizations use admin rights in the…


Measurable Results of Service Account Privilege Management

April 4th, 2019

It’s very easy for service accounts to fall off your radar. Virtually all organizations have some unknown service accounts and some have thousands. Why do service accounts get lost? An employee leaves and the account is simply abandoned. The account is used less and less until it becomes obsolete and forgotten. Default accounts are left…