- 100% protected – There is no such thing. A hacker will find a way around any defense, and to be in denial that an attack cannot occur is naïve, ignorant, and irresponsible. You are never 100% protected.
- Future proof – This marketing term is totally over used and has spilled over to security professionals now too. Nothing is future proof. It is only good for the foreseeable future.
- No competitors – Every vendor has a competitor. When choosing a cybersecurity solution make sure you look at all the competitors and challenge any claim that they are the only ones that can solve your problem.
- Air gapped – Some devices, data, and resources should never have direct (or even proxied) Internet access. Explaining the problem due to the lack of security controls that prevent Internet access will only get you in more trouble. While Internet access is generically perfectly acceptable, explaining it as a part of a breach or incident can be problematic. Some things must be 100% air gapped even though we could argue, nothing is 100%.
- No access control – The lack of segmentation, firewalls, and unrestricted lateral movement can be a deciding factor when a security incident turns into a breach. Blocking a threat from navigating around your network is just as critical as stopping it in the first place. If you have no access controls, no network zones, and allow unrestricted network communication, you might want to avoid explaining a situation without these basic tenants in place. After all, a flat network is a vulnerable network.
- Bad passwords – If describing a breach correlates to the cause of using the “same password”, you might as well forget about ethics and begin revisiting why you have a security policy and security team in the first place. Passwords should never be reused anywhere, and if a password was compromised dig deep as to why.
- Risk Reality
Privileged Access Management Solutions
Gain visibility and control over all privileged accounts and users.See All Solutions
- Endpoint Privilege Management
- Remove excessive end user privileges on desktops and servers
- Password Management
- Discover, manage, audit, and monitor privileged accounts
- Privileged Remote Access
- Give vendors secure remote access without using VPN
- DevOps Secrets Safe
- Meet the dynamic security requirements of highly elastic DevOps environments
- Remote Support
- Securely access and support any device, anywhere
In this webinar, we will look at several different ways to more safely provide admins with SSH/RDP access to VMs in the cloud.Register now
On the Blog