How to secure the BYOPC? Widely democratized in recent months due to the unexpected and massive lockdown caused by the first wave of the Covid-19 epidemic, the BYOPC (Bring Your Own PC) concept is now becoming a real issue for the IT departments of organizations. For them, this practice provides as many organizational solutions as it generates security issues for the information system. While it is generally not recommended to let employees use their personal computers to access their organization’s applications and resources, today there… Read More >>
Secure Access Service Edge: A Paradigm Shift The network and network security world is experiencing, like any other technology, its digital revolution. The traditional vision of “inside the firewall” and “outside the firewall” has been shattered: Internet has become the network of the extended enterprise. Secure Access Service Edge: Trends Leading to a Paradigm Shift Moving from a “network-centric” architecture to a “user-centric” and “application-centric” architecture. On the one hand, the cloud and the decentralization of servers and applications in disparate clouds; on the other hand, the… Read More >>
Making the administration workstation incorruptible with a hardened thin client terminal The terminal allowing administrators to access the administration network is a key element for the global security of organizations’ information systems. A possible corruption of this terminal is a major risk for companies. The use of a hardened thin client terminal communicating with administration virtual desktops allows you to take advantage of the specific and secure architecture of a hardened thin client terminal while benefiting from the functionalities of Privileged Access Management (PAM) solutions thanks to virtualization. Prerequisites for using… Read More >>
Workplace Experience, a challenge for companies in 2020? The Workplace Experience corresponds to all the experiences of an employee within an organization. These experiences will be decisive for his professional development, his ability to create value by aggregating skills and knowledge through a maximized collaboration, and ultimately to participate to the achievement of the organization’s objectives. Keys to a successful Workplace Experience The availability of a unique work environment, regardless of the access device, regardless of whether the user is at the company’s premises or on the move,… Read More >>
Identity and security Security is a global issue. The security approach has not changed much since Roman times. The idea behind defense-in-depth is to create concentric security circles around the sensitive assets to be protected. Each circle being designed to slow and potentially weaken the enemy’s attack until it is repelled or at the very least detected. We all know the structures of castles, moats, drawbridges and dungeons. Today, the defenses of equivalent modern information systems are called physical security, firewalls, authentication and… Read More >>
The human face of the workplace A world without users? “Automation”, “DevOps”, “Robotic Process Automation” (RPA), bots, chatbots and other robots, “artificial intelligence” (AI), … According to some people, users will disappear from the scene: the omnipresence of computing, called “digital”, will eventually replace them, do everything for them, and even do more and better than they do. Clearly, as the French song goes, “we are very little things, …”. Will dematerialization go so far as to dematerialize the user? Is there anyone still behind the… Read More >>
TISAX®, an information security mechanism in the automotive industry Based on the standard ISO 27001 and adapted to the requirements of the automotive field, the TISAX® (Trusted Information Security Assessment Exchange) mechanism was developed by the VDA (Verband der Automobilindustrie, the German automotive industry association) in partnership with an association of European automotive manufacturers, called the European Network Exchange (ENX). The TISAX® security audit mechanism allows the mutual acceptance of information security assessments (carried out by trusted and certified third parties) in the automotive industry and provides a common… Read More >>
The Cleanroom concept for a safe and secure administration A bastion is a military structure projecting outward from the wall of a fortress. In computer science, we can extrapolate the term “bastion” to a host deliberately exposed to an external, not trusted, network. In general, the purpose of a “cyber bastion host” is to protect a network or part of a network from external threats; it is therefore the most exposed element, the one that is most likely to be attacked . If a bastion “falls down”, the whole… Read More >>
Telework: how to access your enterprise IS securely from home? On my way to telework, I got telepunched for over speeding on the information highway… and it cost me a hell of a telefine! Philippe GELUCK (“Le tour du chat en 365 jours”) Starting with the Macron Ordonnance of September 2017, any employee can request to telework in France. Besides revolutionizing managerial rules, telework allows an adapted organization of professional time by and for an employee. It should be reminded that, by definition, telework is performed outside the employer’s premises… Read More >>
How to secure IT administrators’ desktops? The weakest link in a chain is the strongest because it can break it. Stanislaw Jerzy Lec Information Systems (IS) have developed considerably and are constantly progressing. The Information Systems Security is crucial from an economic and State standpoint, and even from a personal perspective. However, the Information Systems Security is based mainly on its weakest link, which is also the essential element: the human. The administrator who has a power and a very strong responsibility is no exception to… Read More >>