Ransomware, a cyber threat with an exponential curve During the International Cybersecurity Forum (ICF) which took place on January 30, 2020, Guillaume POUPARD, the General Director of the National Cybersecurity Agency of France (ANSSI), mentioned the multiplicity of ransomware cyber attacks. On this subject, he also points out that “Hospitals, communities and administrations must be prepared to face the exponential curve of ransomwares”. What is a ransomware? A ransomware, also known as cryptolocker, is a malicious software that hijacks personal and/or confidential data of an individual or all… Read More >>
Working from home : Cybersecurity tips to follow The latest transport strikes and the isolation of millions of employees to slow the spread of Covid-19 have been the vectors for massive teleworking in 2019 and 2020. The wide use of telework is not without risks for organizations’ information systems. Companies and organizations have less control over the networks, equipment and actions of their employees and, at the same time, must cope with an increase of cyber attacks from entities hoping to take advantage of this situation. Telework :… Read More >>
Workplace Experience, a challenge for companies in 2020? The Workplace Experience corresponds to all the experiences of an employee within an organization. These experiences will be decisive for his professional development, his ability to create value by aggregating skills and knowledge through a maximized collaboration, and ultimately to participate to the achievement of the organization’s objectives. Keys to a successful Workplace Experience The availability of a unique work environment, regardless of the access device, regardless of whether the user is at the company’s premises or on the move,… Read More >>
What exactly is Privileged Access Management? If you work in the IT industry, you’ve probably already heard terms like “Privileged Access Management” (PAM) and “Privileged User Management”. But you didn’t say anything because you didn’t know exactly what it was all about. Don’t worry, in this blog post you’ll learn everything you need to know about Privileged Access Management. PAM according to the Gartner According to the Gartner, “Privileged Access Management” (PAM) solutions are designed to help organizations provide a secure and privileged access to critical… Read More >>
Password vault : its potential for cybersecurity Are you one of the 83% of Internet users who use the same credentials for several sites? If the answer is 011011110111010101101001, it means that it may be time to consider using a password “vault”. Password “vault”, what is it? By using a password “vault” or password manager, all passwords are secured. For example, it is possible to create unique and robust passwords for all applications, so you don’t forget them. The main features of a password “vault”: Data storage… Read More >>
The risks of Social Login You have seen it before, or even already used it to connect to a website, the social login seduces because of the simplification and time saving it provides to Internet users. This is a unique authentication form that allows users to connect to different sites or applications through identity providers, for example via their Facebook, Twitter, Google, Apple or LinkedIn accounts, to name just a few. Technically, behind the social login, there are identity federation technologies, which allow to use… Read More >>
6 reasons to deploy an SSO solution The Single-Sign-On (SSO) allows users to access their applications by logging in only once. They then have access to all their resources without having to enter their credentials for each application. Companies and organizations have many reasons to implement this type of solution; among them, we can mention the following six major advantages: Time saving: By logging in only once per session, users will save time, as well as the IT support which will be less likely to be contacted… Read More >>
Security is not an obstacle I hurry to laugh at everything, for fear of having to cry about it. Pierre DAC There are three main areas of information systems security (ISS): awareness, physical security and information technology (implementation ways). About awareness, here is a small selection of sentences I have already heard over the past twenty years (unfortunately, this is not an exhaustive list): Security is useless and expensive! There’s nothing secret about what we do. It’s complicated! You’re frankly paranoid… Regarding the complexity of… Read More >>
Once upon a time in Cyberland If the fool warns of a risk, run away. Teke proverb In [01], I mentioned that the risk can be internal to the organization you are managing/administrating/supervising. I had vaguely in mind (but without really quoting it) the Trojan Horse story, which is one of the greatest war tricks, you will agree. Now, let us look at the case of a user with high rights, acting clumsily and, of course, involuntarily. Before starting, it should be noted that any resemblance… Read More >>
In the age of artificial intelligence, nothing new… really? The year 2017 was marked by numerous issues in the cyber domain. We can mention the successive ransomware waves but also the imminent arrival of the GDPR (General Data Protection Regulation) which is the subject of many conferences, posts, forum topics, etc. Another great subject was the “second birth” of artificial intelligence and machine learning. Concerning the artificial intelligence (AI), we are still far from Skynet from Terminator, I can assure you. However, it has to be said that a… Read More >>