OIV OSE

What are the regulations for OVI and OES?

The multiplication of attacks and threats to organizations’ information systems has prompted the French government and the European Union to implement recommendations and rules for private companies and public administrations. The requirement level of these rules and recommendations varies according to the importance of the target organization. They are optional for organizations considered as non-sensitive, but, at different levels, mandatory for OVI (Operators of Vital Importance) and OES (Operators of Essential Services). Limiting the cyber risk of OVI and OES… Read More >>

démocratisation du télétravail

6 advantages of the democratization of telework

Still very limited a few years ago, telework has taken a drastic yet salutary step forward for the large number of organizations that have used it: in many cases, it was the only way to maintain the economic activity without putting employees at risk of health hazards. This forced democratization of telework has proved to be beneficial in this period of health crisis, but it will also be beneficial in the future and in a much broader context than just… Read More >>

Secure Access Service Edge

Secure Access Service Edge: A Paradigm Shift

The network and network security world is experiencing, like any other technology, its digital revolution. The traditional vision of “inside the firewall” and “outside the firewall” has been shattered: Internet has become the network of the extended enterprise. Secure Access Service Edge: Trends Leading to a Paradigm Shift Moving from a “network-centric” architecture to a “user-centric” and “application-centric” architecture. On the one hand, the cloud and the decentralization of servers and applications in disparate clouds; on the other hand, the… Read More >>

Covid-19 : les grands oubliés du télétravail

Covid-19: the forgotten side of teleworking

A few days ago, a survey conducted by Odoxa-Adviso Partners estimated that there are 5.1 million people teleworking in France during this period of covid-19 health crisis. This means that 3.3 million employees have the possibility to work remotely, in addition to the 1.8 million who already occasionally had this possibility before. This flexibility is excellent news for our economy because it allows us to maintain part of the nation’s productive force, and also to save a few billion in… Read More >>

terminal client léger

Making the administration workstation incorruptible with a hardened thin client terminal

The terminal allowing administrators to access the administration network is a key element for the global security of organizations’ information systems. A possible corruption of this terminal is a major risk for companies. The use of a hardened thin client terminal communicating with administration virtual desktops allows you to take advantage of the specific and secure architecture of a hardened thin client terminal while benefiting from the functionalities of Privileged Access Management (PAM) solutions thanks to virtualization. Prerequisites for using… Read More >>

rançongiciels

Ransomware, a cyber threat with an exponential curve

During the International Cybersecurity Forum (ICF) which took place on January 30, 2020, Guillaume POUPARD, the General Director of the National Cybersecurity Agency of France (ANSSI), mentioned the multiplicity of ransomware cyber attacks. On this subject, he also points out that “Hospitals, communities and administrations must be prepared to face the exponential curve of ransomwares”. What is a ransomware? A ransomware, also known as cryptolocker, is a malicious software that hijacks personal and/or confidential data of an individual or all… Read More >>

moindre privilège

Least privilege: a key principle for the security of the Information System

The least privilege principle consists in limiting the rights/authorizations of any individual on the information system to only those applications/data that are necessary for his missions. This principle appears in many guides relating to cybersecurity, in particular in documents published by the National Cybersecurity Agency of France – ANSSI (PA-022 – recommendations relating to the secure administration of information systems or PG-040 – recommendations for the implementation of system partitioning) or in the rules issued by the French MPL (Military… Read More >>

atawad

ATAWAD: What about security?

The term ATAWAD, which stands for “Anytime, Anywhere, Any Device”, refers to a fundamental trend made possible by the hyper-connectivity and interoperability of devices used by everyone. However, this expression omits an essential aspect, which in this case involves hyper-connectivity and interoperability: security. ATAWAD: What is it? ATAWAD is the fact of having access to your applications regardless of the device used, anywhere and anytime. For example, if you watch a program on a VOD platform such as Netflix at… Read More >>

travail à domicile

Working from home : Cybersecurity tips to follow

The latest transport strikes and the isolation of millions of employees to slow the spread of Covid-19 have been the vectors for massive teleworking in 2019 and 2020. The wide use of telework is not without risks for organizations’ information systems. Companies and organizations have less control over the networks, equipment and actions of their employees and, at the same time, must cope with an increase of cyber attacks from entities hoping to take advantage of this situation. Telework :… Read More >>

vpn

VPN vs ZTNA

Since the democratization of Internet at the end of the 1990s, the VPN (Virtual Private Network) has been used by companies to provide their employees with private and secure remote access to their information systems. Nowadays deployed in many organizations, the VPN still presents some risks to the integrity of information systems. To overcome this issue, ZTNA (Zero Trust Network Access) solutions, which are much more secure, are gradually replacing the VPN within organizations. VPN: connecting two networks of trust… Read More >>