terminal client léger

Making the administration workstation incorruptible with a hardened thin client terminal

The terminal allowing administrators to access the administration network is a key element for the global security of organizations’ information systems. A possible corruption of this terminal is a major risk for companies. The use of a hardened thin client terminal communicating with administration virtual desktops allows you to take advantage of the specific and secure architecture of a hardened thin client terminal while benefiting from the functionalities of Privileged Access Management (PAM) solutions thanks to virtualization. Prerequisites for using… Read More >>

moindre privilège

Least privilege: a key principle for the security of the Information System

The least privilege principle consists in limiting the rights/authorizations of any individual on the information system to only those applications/data that are necessary for his missions. This principle appears in many guides relating to cybersecurity, in particular in documents published by the National Cybersecurity Agency of France – ANSSI (PA-022 – recommendations relating to the secure administration of information systems or PG-040 – recommendations for the implementation of system partitioning) or in the rules issued by the French MPL (Military… Read More >>

vpn

VPN vs ZTNA

Since the democratization of Internet at the end of the 1990s, the VPN (Virtual Private Network) has been used by companies to provide their employees with private and secure remote access to their information systems. Nowadays deployed in many organizations, the VPN still presents some risks to the integrity of information systems. To overcome this issue, ZTNA (Zero Trust Network Access) solutions, which are much more secure, are gradually replacing the VPN within organizations. VPN: connecting two networks of trust… Read More >>

gestion des accès à privilèges - PAM

What exactly is Privileged Access Management?

If you work in the IT industry, you’ve probably already heard terms like “Privileged Access Management” (PAM) and “Privileged User Management”. But you didn’t say anything because you didn’t know exactly what it was all about. Don’t worry, in this blog post you’ll learn everything you need to know about Privileged Access Management. PAM according to the Gartner According to the Gartner, “Privileged Access Management” (PAM) solutions are designed to help organizations provide a secure and privileged access to critical… Read More >>

Authentification continue

Continuous Authentication : When Behavioral Analysis Guarantees Your Identity

Many authentication methods exist nowadays. The most well-known of them is by using the login/password pair. For a better secured access to the information system, many organizations have implemented a multi-factor authentication (MFA), especially for IS administrators. But once authenticated, what guarantees that it is the same person behind the screen, mouse or keyboard? Continuous authentication : what is it ? Continuous authentication is a permanent authentication based on the user’s behavior on the workstation. Via the Machine Learning, a… Read More >>

Cybersecurity: a cost that generates savings

Cybersecurity: a cost that generates savings

For organizations, the deployment of cybersecurity solutions represents a significant and yet essential cost. The challenge is to avoid cyber attacks (internal or external to the organization) and therefore their financial consequences (among others). However, this cost must be seen in the context of potential savings that can be realized when a cyber attack fails thanks to the cyber security solutions deployed by the target organization. In their ninth annual study “The cost of Cybercrime” [01], Accenture Security and the… Read More >>

Identité et sécurité Security

Identity and security

Security is a global issue. The security approach has not changed much since Roman times. The idea behind defense-in-depth is to create concentric security circles around the sensitive assets to be protected. Each circle being designed to slow and potentially weaken the enemy’s attack until it is repelled or at the very least detected. We all know the structures of castles, moats, drawbridges and dungeons. Today, the defenses of equivalent modern information systems are called physical security, firewalls, authentication and… Read More >>

The human face of the workplace

The human face of the workplace

A world without users? “Automation”, “DevOps”, “Robotic Process Automation” (RPA), bots, chatbots and other robots, “artificial intelligence” (AI), … According to some people, users will disappear from the scene: the omnipresence of computing, called “digital”, will eventually replace them, do everything for them, and even do more and better than they do. Clearly, as the French song goes, “we are very little things, …”. Will dematerialization go so far as to dematerialize the user? Is there anyone still behind the… Read More >>

TISAX, a standard in the automotive industry

TISAX, a standard in the automotive industry

Based on the standard ISO 27001 and adapted to the requirements of the automotive field, the TISAX (Trusted Information Security Assessment Exchange) standard was developed by the VDA (Verband der Automobilindustrie, the German automotive industry association) in partnership with an association of European automotive manufacturers, called the European Network Exchange (ENX). The TISAX security audit standard allows the mutual acceptance of information security assessments (carried out by trusted and certified third parties) in the automotive industry and provides a common… Read More >>

Management of privileged accounts: 5 key recommendations to protect your Information System

The administration of the information system (IS) of companies and organizations are based on privileged accounts. Privileged accounts rely on the trust placed in their users. Whether internal or external administrators, privileged users have the power to make substantial changes to the IS and therefore have a heavy responsibility concerning the IT security; they have the power to take actions that may harm the company or organization for which they operate. Users with privileged access are able to install and… Read More >>