Is your Business Audit-Ready? Four Key Data Questions You Must Answer

Is your Business Audit-Ready? Four Key Data Questions You Must Answer

Audit – a word that is certain to strike fear and trepidation into almost any IT professional. Yet in an environment where hardly a week goes by that we don’t hear about one business or another being hacked, audits are essential. Losing control of valuable customer data can leave a business open to lawsuits and fines, and the damage to done to your reputation can be even more costly. Depending on your business, your audit might be necessary to comply with [...]

Tur-Duck-En Security for IT and DevOps

Tur-Duck-En Security for IT and DevOps

Thanksgiving is a popular US tradition. Being an immigrant to this great country it has always been something I have looked forward to. I am excited to have my family and friends around the table, enjoy good food, catch up, laugh and have a great time. I got thinking this year about Tur-duck-en. Why am I talking about Tur-duck-en when it comes to enterprise security? The reason is that as of now enterprise security in most companies is like a [...]

Session Recording - Header Image

Did John run rm –rf*? Why enterprises use session recording

For those of us who have been in Enterprise IT teams and DevOps groups it is a fact of life to be called in to investigate an incident. The incident in question can range from – we think we have been hacked to we are being sued we need to get data to prove our case. I am going to talk about the centre of this wide spectrum – employee activity validation. What is the problem? Your business runs on certain [...]

SSH Keys Management - Header Image

A better way to manage SSH Keys

For IT administrators, DevOps leads and developers SSH Keys are a way of life. These little gibberish looking files, placed in esoteric .ssh folders inside your laptop or cloud server is the plumbing that makes all the applications and scripts work together. However, SSH key management is a severe pain for many organizations. A little exercise for you: "Are you affected?" How about a little exercise? Send a quick email to your IT lead/DevOps lead and ask them – how often [...]

Incorrect Passwords

How to Create Strong, Memorable Passwords

Every day we use passwords to access our email, look at our bank accounts, make payments, log in to social media and much more. Most users have passwords for at least ten sites, and possibly many more. In most cases, these passwords are all that stand between our personal information and criminals that want to access that data and take advantage of it for their own profit. Imagine if someone could access your bank account, your social media, or your [...]

Halloween Zombie Eyes

How Halloween inspired me on IT Infrastructure Access Control

Last year while giving candy to some very cute children in my neighborhood I was suddenly reminded of server access security! Bear with me for a bit as I take you on a journey through my random security oriented thoughts. Trick or Treat and Halloween Costumes My family and I usually give candy (the good kind mind you, no tootsie rolls) every year to lots of young children who visit our house in a residential neighborhood here in the Bay Area. [...]

The Agony of Provisioning Users on Cloud-Based Services

The Agony of Provisioning Users on Cloud-Based Services

The Agony of Provisioning Users on Cloud-Based Services In this article, we are going to take a look at the frustrations that businesses may face when provisioning users to cloud-based applications that they use. We will examine the most common difficulties, and how Onion ID can help you to overcome them. Dashboards are often confusing Millions of business users and Internet users experience frustration with online dashboards on a daily basis. Dashboards are often confusing, add to that the hassle of maintaining [...]

5 Trends Driving Identity and Access Management

Five Trends That Are Driving The Need For Identity and Access Management

Fifteen years ago, Identity and Access Management (IAM) was relatively simple; employees would work on the premises using a desktop PC that had been set up and configured by the IT department. Only those who had a login could gain access, and if you weren’t on the premises it was a lot harder to gain access to valuable corporate resources. Fast-forward to today and security breaches of corporate IT networks are rarely out of the news. So far in 2015 [...]

Why Anybody Can Steal Your Passwords

You juggle dozens of user names and passwords these days, especially if your business uses multiple cloud services. It's nearly impossible to come up with new passwords, change them regularly, and resist the temptation to use the same password for everything — or write it all down on paper. Data breaches impact companies large and small on a regular basis, and anyone can steal your passwords; it's not all that hard to do. When Malware Ruins Your Day Malware comes in [...]