Tag: CyberArk

Clango Confide Makes Privileged Account Security Seamless for Users

Confide
The number of privileged accounts has grown rapidly in recent years as organizations have adopted DevOps practices. DevOps teams constantly create hosts, machines, and systems, each of which has one or more privileged accounts associated with it. They also use a wide array of continuous integration and delivery tools and process scripts that also contain passwords, encryption keys, and...

The Critical Importance of Managing Business Partner Security Risks

Partner Security
It is well known that the 2013 Target data breach was the result of a compromised third-party vendor. Attackers sent a phishing email to a refrigeration company that did business with Target and had access to some of Target’s computer systems. At least one user fell for the phishing email, causing malware to be installed on the company’s systems....

How Clango and CyberArk Streamline Compliance Audits for Federal Agencies

Federal agencies face the same security threats as private-sector organizations, as well as a heightened risk of attack by state-sponsored cybercriminals. In addition to following security best practices, federal agencies must adhere to laws, directives, and guidance that mandate various cybersecurity controls. Central to many of these regulations is a requirement for robust authentication and authorization of users attempting...

Effective Privileged Account Management Requires Identity Governance

Privileged ID Governance
The typical enterprise has an ever-increasing number of privileged accounts to manage across on-premises and cloud environments. These privileged accounts extend outside the organization to contractors, business partners, and other third parties. Holders of privileged credentials access systems and data from a wide range of devices and diverse locations. Many systems and applications also use privileged credentials to access...

How to Gain Strong Authentication across the Extended Enterprise

Clango
As organizations implement cloud, mobile and Internet of Things platforms, applications and devices are moving outside the physical boundaries of corporate headquarters. Identity has emerged as the new perimeter to these borderless networks, and a preferred attack vector used by cyber criminals to breach systems and exfiltrate sensitive data. The cloud in particular raises concerns about the risk of...

Privileged Account Management Is Critical in the Cloud

Cloud Security
The move to the cloud began in earnest in 2007, as organizations looked for ways to cut capital expenses during the Great Recession. Fast-forward a decade, and the cloud is more popular than ever. According to a recent survey by LogicMonitor, 68 percent of workloads are running in public, private, or hybrid clouds, and that number will increase to...

Application Greylisting Provides Greater Security and Flexibility

Application Greylisting
Misplaced trust is a dangerous thing when it comes to cybersecurity. Attackers routinely take advantage of systems that automatically permit certain types of activity. Therein lies the problem with application whitelisting, which is the practice of designating specific applications that users are allowed to run on their systems. It’s the opposite of blacklisting, which blocks applications that are known...

Clango Innovation Labs: Maximizing the Value of CyberArk

CIL
Given the large and growing volume of privileged account credentials in the typical IT environment, most organizations recognize the need for automated privileged account management (PAM) solutions. PAM platforms provide one central location for storing, protecting, and managing privileged credentials so only authorized users can access them for legitimate business or IT reasons. However, PAM solutions have a reputation...

How to Minimize the Risk of Local Admin Rights and Privileged Account Attacks

EPM
In our last post, we discussed the risks of granting administrator rights to end users at the workstation level. Local admin rights enable users — or hackers — to do whatever they want with a machine. An attacker who is able to obtain local admin credentials can launch a “pass-the-hash” attack, leveraging well-known Windows vulnerabilities to obtain higher-level privileged...

Privileged Account Risk Begins at the Workstation Level

Local Admin Risk
At Clango, our CyberArk consultants and engineers are often asked, “What constitutes a privileged account?” Many people who ask that question are surprised by the answer. There’s a common misconception that privileged accounts are only those that enable the highest levels of administrator access — for example, domain controller credentials in a Microsoft environment. However, any admin rights, even...