Guest column by Joseph Carson, Chief Security Scientist at Thycotic. “Ransomware” is on the rise using “targeted phishing attacks” and is being used for financial blackmail and poison or corrupt data. No one is excluded from these threats and no company or individual is too small to be a target.…
Now more than ever, technology and compliance teams need to work together to protect the integrity of their organizations. Sensitive information is stored and transferred in digital form and associated regulations are becoming increasingly strict and complex. While compliance is responsible for identifying the regulations which pertain to information security,…
Guest column by Joseph Carson, Chief Security Scientist at Thycotic. Chief Information Security Officers, CISOs, bear some of the heftiest weights on their shoulders of anyone in an organization. Single-handedly, depending on their security policies and the enforcement of them, they can be responsible for the success or downfall of…
This blog addresses why Active Directory auditing is necessary. Who moved my object and other AD mysteries Active Directory was created to simplify identity services in the enterprise, and ease the lives of sys admins everywhere, but lack of visibility into AD operations continues to be a major pain point.…
Most IT departments have no issue admitting the high importance of a highly available Active Directory. It’s become clear that while Active Directory downtime is rare when it does happen, it’s devastatingly costly. Most modern enterprises live and die by their identity infrastructure, and Active Directory is primarily at the…
I addressed Active Directory excessive privilege in the past as part of other, broader topics. But recently I started thinking it’s a great time to dedicate an entire article to it. This is not a random thought on my part. All you need to do is look at a few…
One of the really annoying things about passwords is that you have to remember them. If you can't remember your password at a SaaS provider, it's pretty straightforward: you click on the "forgot password" link and go through the password recovery process. As is often the case, however, the corporate…
It's pretty well accepted now that the world is moving away from painstakingly planned, piloted, deployed, and maintained on-premises applications in local data centers. It's moving to web services, hosted in the cloud (best definition: your stuff on someone else's computer) whose new capabilities are rapidly deployed and refined via…