Blog

Application Greylisting Provides Greater Security and Flexibility

Application Greylisting
Misplaced trust is a dangerous thing when it comes to cybersecurity. Attackers routinely take advantage of systems that automatically permit certain types of activity. Therein lies the problem with application whitelisting, which is the practice of designating specific applications that users are allowed to run on their systems. It’s the opposite of blacklisting, which blocks applications that are known...

Clango Innovation Labs: Maximizing the Value of CyberArk

CIL
Given the large and growing volume of privileged account credentials in the typical IT environment, most organizations recognize the need for automated privileged account management (PAM) solutions. PAM platforms provide one central location for storing, protecting, and managing privileged credentials so only authorized users can access them for legitimate business or IT reasons. However, PAM solutions have a reputation...

How to Minimize the Risk of Local Admin Rights and Privileged Account Attacks

EPM
In our last post, we discussed the risks of granting administrator rights to end users at the workstation level. Local admin rights enable users — or hackers — to do whatever they want with a machine. An attacker who is able to obtain local admin credentials can launch a “pass-the-hash” attack, leveraging well-known Windows vulnerabilities to obtain higher-level privileged...

Privileged Account Risk Begins at the Workstation Level

Local Admin Risk
At Clango, our CyberArk consultants and engineers are often asked, “What constitutes a privileged account?” Many people who ask that question are surprised by the answer. There’s a common misconception that privileged accounts are only those that enable the highest levels of administrator access — for example, domain controller credentials in a Microsoft environment. However, any admin rights, even...

Fill Skills Gaps by Partnering with CyberArk Experts

CyberArk Engineers
Demand for IT professionals continues to increase, causing the “skills gap” to grow wider than ever. According to the Bureau of Labor Statistics (BLS), by 2020, there will be one million more IT jobs available than qualified applicants to fill them. In a 2017 study by industry association CompTIA, 46 percent of executives said that skills shortcomings had gotten...

How to Facilitate the IT Audit Process with CyberArk

IT Audits
Many IT teams dread the arrival of auditors. Perhaps they lack a basic understanding of the IT audit process, and don’t know what the auditors are looking for. However, IT teams should recognize the importance of having a third party evaluate the organization’s overall security and compliance position, and facilitate the process through the use of tools such as...

Sure, CyberArk Has an Export Tool, but There’s a Better Way

CyberArk Export
It can be surprisingly challenging to simply list all the privileged accounts stored in the CyberArk Enterprise Password Vault. While Password Vault Web Access (PVWA) provides some reports, they do not cover the full range of use cases most organizations need to meet compliance and operational requirements. Depending on the size of your vault implementation and your specific reporting...

Accelerate Privileged Account Management with CyberArk v10

Clango
Privileged Account Management (PAM) is critically important to effective cybersecurity. If privileged account credentials are compromised, an attacker could gain virtually unfettered access to IT resources. However, many organizations remain lax in their PAM practices. Default administrator credentials are left unchanged, users share credentials, and users are granted full admin rights when they don’t really need them. Organizations that...

What Is Privileged Session Management and Why Is It Important?

PSM
The critical first step in privileged account management (PAM) is to identify, consolidate, and lock down privileged credentials so only authorized users have access to them. However, this is only the first step. To be effective, PAM should include privileged session management as well as credential protection. Privileged session management is a security control involving the monitoring and recording...

Managing Mobile Data Access Key to GDPR Compliance

Clango
Recently, one of the strictest data privacy laws ever enacted officially goes into effect. As organizations around the world review how they handle employee and customer information, many are finding that mobile devices present a significant risk for noncompliance. Officially implemented on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) is designed to standardize data security...