New wave of cyber-attacks on banks lend credence to the belief that insider threat is getting complex and cyber-criminals are increasingly targeting to siphon-off the login credentials of employees and administrative passwords of IT resources. It is termed as the ‘massive 21 st century bank heist’. A worldwide gang of cyber-criminals in multiple cities drained ATMs to the tune of $45 million in a matter of few hours last week
Launch secure, browser-based Windows RDP, SSH and Telnet sessions from Password Manager Pro
Launching remote login sessions: Ease of use Vs Security Organizations are deploying privileged password management solutions to mitigate cyber threats and control access to sensitive IT resources. Access requirements themselves are changing in response to evolving business demands such as partners and contractors requiring remote access to internal resources. In turn, IT is seeking solutions that are secure, easy to use and let end users launch a remote login session with a single click, regardless of the target system type or authentication method and, at times, without disclosing the passwords.
Cyber-attack on Zappos: Information Security Lessons for Enterprises [Part-5]
In the previous four posts , we analyzed the causes for security incidents. We discussed how lack of internal controls, access restrictions, centralized management, accountability, strong policies, haphazard style of privileged password management and lack of proper activity monitoring give room for security incidents
How do you control concurrent privileged access to sensitive IT resources?
In enterprises, quite often, many administrators might be accessing a system in production environment concurrently.
Perils of ‘Static’ Windows Service Accounts
Windows Service Accounts, used by the system programs to run application software services or processes often possess higher or even excessive privileges than normal user accounts. These are indeed very powerful accounts that run critical business processes and services. Many third-party services or scheduled tasks or processes might make use of the same service account, resulting in a complex interconnection
An automated solution to enforce IT policy on standard password practices
Growing instances of information security incidents have forced IT enterprises to put an effective IT policy in place. All such policies stress three essentials, among the numerous guidelines: Usage of unique, strong passwords across all IT resources Rotating the passwords at periodic intervals Role-based access controls for IT resources Enforcing the IT policy with respect to the privileged passwords turns out to be a daunting task to carry out manually.
Do you still keep your administrative passwords in text files and spread sheets?
Modern IT and other enterprises are heavily dependent on servers, databases, network devices, security infrastructure and other software applications for their day-to-day operations. These infrastructure are accessed and controlled through administrative passwords.
Social media = email (At least when it comes to network security)
Social media sites such as Facebook, Linkedin and others have become parts of our everyday lives. People announce their engagements on Facebook and network without ever leaving the house. They play games and even discuss political arguments right on the 'wall' of their personal profile pages.