Scalable PAM: adapting the control level to the context of the interventions Privileged Access Management (PAM) is a major security issue for organizations insofar as it allows the IT department to control who does what on its information system and to ensure the total security of privileged accounts. However, some PAM solutions offer a wide range of functionalities that are sometimes not suitable for some organizations that may have limited use of these privileged users. For this reason, deploying a scalable PAM product that adapts to the organization’s current context and can… Read More >>
Remote maintenance: Which tools should you choose? Although remote maintenance is essential to the proper operation of organizations, it has certain cyber risks related to remote accesses. These risks can be reduced or even eliminated by using the right IT tools. Several solutions are commonly used for remote maintenance, such as remote-control software, VPNs, ZTNA (Zero Trust Network Access) or PAM (Privileged Access Management) solutions. However, these solutions are not equal in terms of cyber security. Remote maintenance: a performance challenge but also a cyber risk The… Read More >>
How to Fight Against Shadow Admin? When it comes to privileged accounts, traceability is essential, but it is sometimes compromised by the use of shadow admin. This traceability, as well as real-time or a posteriori control of the administration actions allowed by the PAM (Privileged Access Management) should however be exhaustive to effectively protect the information system…. Read More >>
PAM as a Service: Privileged Access Management for everyone? The protection of information systems requires the deployment of a PAM (Privileged Access Management) solution for the surveillance of privileged users, which if deployed on-premise, may be too restrictive to implement for some organizations. In this context, PAM as a Service, or Privileged Access Management as a public cloud service, will be a guarantee of simplicity for the IT teams involved. From a deployment in a few clicks to the guarantee of regular and automatic updates, PAM as a Service… Read More >>
Administration network: 6 risks addressed by PAM Within any organization, there are several risks for the administration network: some have a high occurrence and are simple to deal with, others are rare but complex to handle. The use of a Privileged Access Management (PAM) solution allows to manage these risks by minimizing or even eliminating them. Administration network: protean risks The risks that arise on the administration network can be the result of deliberate acts but also due to errors or negligence. From the use of generic… Read More >>
User Behavior Analytics (UBA): key applications for cybersecurity While User Behavior Analytics (UBA) is not a new concept, its applications are multiplying as Machine Learning becomes more mature. By associating Machine Learning and Big Data, UBA updates the patterns (reference models) and detects any deviation that is potentially dangerous for the information system. What is User Behavior Analytics? User Behavior Analytics is a category of applications that analyzes the user’s behavior and detects abnormal and potentially malicious actions. This behavioral analysis, which can be applied to all users,… Read More >>
Making the administration workstation incorruptible with a hardened thin client terminal The terminal allowing administrators to access the administration network is a key element for the global security of organizations’ information systems. A possible corruption of this terminal is a major risk for companies. The use of a hardened thin client terminal communicating with administration virtual desktops allows you to take advantage of the specific and secure architecture of a hardened thin client terminal while benefiting from the functionalities of Privileged Access Management (PAM) solutions thanks to virtualization. Prerequisites for using… Read More >>
Least privilege: a key principle for the security of the Information System The least privilege principle consists in limiting the rights/authorizations of any individual on the information system to only those applications/data that are necessary for his missions. This principle appears in many guides relating to cybersecurity, in particular in documents published by the National Cybersecurity Agency of France – ANSSI (PA-022 – recommendations relating to the secure administration of information systems or PG-040 – recommendations for the implementation of system partitioning) or in the rules issued by the French MPL (Military… Read More >>
VPN vs ZTNA Since the democratization of Internet at the end of the 1990s, the VPN (Virtual Private Network) has been used by companies to provide their employees with private and secure remote access to their information systems. Nowadays deployed in many organizations, the VPN still presents some risks to the integrity of information systems. To overcome this issue, ZTNA (Zero Trust Network Access) solutions, which are much more secure, are gradually replacing the VPN within organizations. VPN: connecting two networks of trust… Read More >>
What exactly is Privileged Access Management? If you work in the IT industry, you’ve probably already heard terms like “Privileged Access Management” (PAM) and “Privileged User Management”. But you didn’t say anything because you didn’t know exactly what it was all about. Don’t worry, in this blog post you’ll learn everything you need to know about Privileged Access Management. PAM according to the Gartner According to the Gartner, “Privileged Access Management” (PAM) solutions are designed to help organizations provide a secure and privileged access to critical… Read More >>