How To Protect Your Business Against Insider Threats – The Essential Guide Part 2

In the first part of our essential guide we looked at the importance of using cross-departmental teams, and HR in particular, to combat insider threats, as well as the key role physical security can play in protecting business assets. Five More Essential Tips For Protecting Against Insider Threats Missed part one? You can read it here. Up-do-date? Let’s look at some more essential tips for ensuring insider security: 4. Consider Threats Across Your Entire Supply Chain An insider can be anyone who has access [...]

How To Protect Your Business Against Insider Threats – The Essential Guide Part 1

Businesses are increasingly waking up to the insider threats that pose significantly risk to data and business security. A recent survey of security professionals conducted by Intel and McAfee found that internal individuals were responsible for 43% of all serious data breaches experienced by their businesses. Of these, just over half (22% of the total) were caused by intentional, malicious actors; the rest (21% of the total) were caused unintentionally. 68% of these breaches were serious enough to have a negative [...]

Comply with NIST 800-171 easily by employing PAM

Comply with NIST 800-171 easily by employing PAM

NIST is an organization that helps craft policy for cyber-security and technology. NIST is well known and has released since early 2015 guidelines called 800-171. The NIST 800-171 deals with how to handle "Controlled Unclassified Information (CUI)". This pertains to unclassified information that resides in non-federal systems - like vendors who sell to the federal government. In this article we will talk about how Privileged Access Management (PAM) can help with satisfying criteria for NIST 800-171. it is important [...]

Effective Strategies to Stop Privilege Creep for Employee Accounts

Effective Strategies to Stop Privilege Creep for Employee Accounts

The vast majority of us have worked in organizations where employee churn, unaccounted for privileges, bloated access rights etc. have been a very real thing that IT and Ops has to deal with. In the case of employees being added to a fast moving Silicon Valley based Unicorn or a slower moving, but massive Fortune 500 enterprise, privilege creep is a very real issue. In this article we will discuss what is privilege creep, why it manifests itself and [...]

Agent Based Privilege Management is Dead

Agent based Privilege Management is dead

There are a significant number of enterprises that are moving to the cloud, private or public. In one way or the other enterprises have either moved away or are moving away from the on premise models of applications and server cluster deployments. Only very few highly regulated legacy applications and servers continue to hold their ground in terms of being not migrate-able. The Onion ID team is at AWS:Reinvent 2016 and Gartner IAM 2016 Summit - Please feel free [...]

Is Your IT Security a Roadblock For Your Employees?

Is Your IT Security a Roadblock For Your Employees?

Many employees feel like they are facing roadblocks in their workplace; barriers created by the increasingly stringent security methods required to protect today’s organizations from a wide range of digital threats. And what happens when we meet a roadblock? We try to go around it - we seek an alternative route, a quicker and more effective way to reach our destination. This is the challenge that many organizations face today: that the same barriers we rely on to protect our organizations [...]