Teleworking: how to protect companies against the resurgence of cyber attacks 2020, already a difficult year from a health and economic point of view, will be a milestone in terms of cybercrime. Cyber attacks have multiplied, often exploiting vulnerabilities related to remote work. The first lockdown demonstrated the resilience of a large part of our companies, driven by dedicated IT teams whose sole objective was the impossible task of getting three million employees to telework… in just a few days. As a manager of a major French bank told me recently,… Read More >>
What measures should be implemented to secure teleworking? Today, more than ever, the way organizations manage to secure teleworking has an impact on the overall security of information systems. Teleworking is no longer a project or a temporary exception; it is now strongly anchored in organizations’ practices and represents an additional challenge for IT departments: it is no longer a question of being able to secure the remote accesses of certain employees on a temporary basis, but rather of being able to secure the remote accesses to the… Read More >>
How to secure the BYOPC? Widely democratized in recent months due to the unexpected and massive lockdown caused by the first wave of the Covid-19 epidemic, the BYOPC (Bring Your Own PC) concept is now becoming a real issue for the IT departments of organizations. For them, this practice provides as many organizational solutions as it generates security issues for the information system. While it is generally not recommended to let employees use their personal computers to access their organization’s applications and resources, today there… Read More >>
6 advantages of the democratization of telework Still very limited a few years ago, telework has taken a drastic yet salutary step forward for the large number of organizations that have used it: in many cases, it was the only way to maintain the economic activity without putting employees at risk of health hazards. This forced democratization of telework has proved to be beneficial in this period of health crisis, but it will also be beneficial in the future and in a much broader context than just… Read More >>
The Zero trust chain Over the last few years, “Zero Trust” has been established as the reference model for information systems security. While ZTNA (Zero Trust Network Access) is one of its essential building blocks, “Zero Trust” goes beyond external access rights. A whole chain of trust is required to implement this model: identity and access management (IAM), privileged user management (PAM) and application virtualization (VDI). To be effective, this “Zero Trust” chain of trust must be seen as a set of interdependent solutions… Read More >>
Least privilege: a key principle for the security of the Information System The least privilege principle consists in limiting the rights/authorizations of any individual on the information system to only those applications/data that are necessary for his missions. This principle appears in many guides relating to cybersecurity, in particular in documents published by the National Cybersecurity Agency of France – ANSSI (PA-022 – recommendations relating to the secure administration of information systems or PG-040 – recommendations for the implementation of system partitioning) or in the rules issued by the French MPL (Military… Read More >>
Working from home : Cybersecurity tips to follow The latest transport strikes and the isolation of millions of employees to slow the spread of Covid-19 have been the vectors for massive teleworking in 2019 and 2020. The wide use of telework is not without risks for organizations’ information systems. Companies and organizations have less control over the networks, equipment and actions of their employees and, at the same time, must cope with an increase of cyber attacks from entities hoping to take advantage of this situation. Telework :… Read More >>
VPN vs ZTNA Since the democratization of Internet at the end of the 1990s, the VPN (Virtual Private Network) has been used by companies to provide their employees with private and secure remote access to their information systems. Nowadays deployed in many organizations, the VPN still presents some risks to the integrity of information systems. To overcome this issue, ZTNA (Zero Trust Network Access) solutions, which are much more secure, are gradually replacing the VPN within organizations. VPN: connecting two networks of trust… Read More >>
Workplace Experience, a challenge for companies in 2020? The Workplace Experience corresponds to all the experiences of an employee within an organization. These experiences will be decisive for his professional development, his ability to create value by aggregating skills and knowledge through a maximized collaboration, and ultimately to participate to the achievement of the organization’s objectives. Keys to a successful Workplace Experience The availability of a unique work environment, regardless of the access device, regardless of whether the user is at the company’s premises or on the move,… Read More >>
ZTNA : A look back to the Zero Trust concept In its Market Guide for Zero Trust Network Access (ZTNA), Gartner estimates that by 2022, 80% of new business applications open to a partner ecosystem will be accessible via a ZTNA solution. According to Gartner, by 2023, 60% of companies will have replaced their remote VPN access with the ZTNA remote access. Zero Trust is therefore emerging as one of the key issues for CIOs and CISOs in the coming years. ZTNA / Zero Trust : what are the origins… Read More >>