The sudden change in global affairs has likely created new challenges for you and your team, making it hard to keep up with what matters most to your business — your customers and employees. With many people forced into shelter-in-place by the current situation, the question of how to survive this pandemic has suddenly morphed to how to work effectively with a remote…
Passwords are one of the most insecure security measures today. The same passwords are listed as the most used year after year (which is simply a repercussion of too many systems/passwords), and when they’re forgotten, password resets via the helpdesk have zero validation around who’s actually calling. To simplify the process of password resets, self-service…
In a recent article, we discussed how Password Self-Service (PSS) needs to be managed with a degree of granularity. The basis for this argument is that users with varying levels of elevated privileges should be protected with additional layers of complexity and scrutiny. This allows an organization to ensure appropriate levels security are enforced based…
In a world where organizations need to implement layers of security to protect themselves from the dangers of external attacks, it becomes more and more important to know someone is who they say they are – often on an on-going basis. Compromised credentials via successful malware attacks make even the most trusted of users a…
With users having so many passwords – both personally and professionally – and with the ability to have operating systems and browsers remember password on the user’s behalf, it’s understandable that they may find themselves forgetting their password at one time or another. They can use the age-old insecure process of calling the helpdesk, or…
No one really likes to remember passwords. You’re probably in one of two camps – either you use the same password everywhere just to avoid needing to remember a variety of complex phrases, or you, like me, use a password database to store them (in which case, I only need to remember the password to…
In previous blogs, we’ve stressed the need for IT to go outside of itself and embrace application owners, line-of-business owners, and other stakeholders within your user base. These people generally have better insight into the daily needs and changes related to the applications and resources that they use and can therefore manage the access to…
Many organizations still follow the traditional practice of writing or printing passwords on paper and keeping them in a physical vault, which would remain under the control of the IT department. When you have issues with your password or you need to unlock your account, you will have to either track the person who may…
Enterprise software needs to do one of two things: increase productivity or reduce costs. If it isn’t helping your business make money it is rather pointless. Even software that helps to comply with regulations is doing this, assuming the software cost is less than the fine for not doing it. I picture IT departments huddling…
We recently received a support email about how Password Center handles a 72 character Active Directory password. I read it in disbelief. Seventy-two characters? That’s the alphabet 2, almost 3, times over. How does anyone remember a 72 character password? Turns out, pretty darned easily. Because the best Active Directory password isn’t a word at all…it’s a…