LimaCharlie is lucky to have some really amazing people on the platform. During the course of operating our business we often get to interact with our customers and sometimes those customers become friends: Stefan Waldvogel is one of these people. Stefan has had a very interesting journey on his way to becoming a cybersecurity professional and we asked him to share his story.
Organized cybercriminals are leaving traditional bank robbers in the dust. Nowadays, the banking sector’s most significant security concerns come in the form of online threats. Banks and other financial institutions process millions of transactions daily, with the majority of the transactions done via digital payment transfer platforms. For that reason, banks have become enticing targets for cybercriminals.
Access management is a key element of any enterprise security program. Using policies defined by IT administrators, access management enforces access rights across the network. It does this by designating which groups of users are allowed access to which applications and identifying which user attributes are required to access each application. Problems arise for businesses when they base their access management programs entirely around passwords, however.
The ISO 27001 certification can make a difference when your business is tied with deploying cloud-native applications. Providing relevance and credibility in front of potential customers will show that your company takes security seriously, ensuring the client’s trust. We previously covered other compliance frameworks in our blog, like GDPR, HIPAA, NIST, and SOC 2. Those frameworks also show a strong commitment to security best practices.
At Teleport we do IT a little differently — supporting a global remote company in hypergrowth is no easy feat and the playbook is different from traditional IT work. In this article, we want to share some of our IT philosophies that enable our employees to keep their agility despite working very asynchronously around the world.
Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes. Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public.
A cache is a temporary data storage location that stores copies of frequently accessed data or files to provide faster access to software or hardware. Computers, mobile devices, web browsers, and other applications use cache to speed up data retrieval. Caches allow faster access to this data by removing the need to reload it each time the device/app needs it. Cached data is reusable and can be retrieved directly.
Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.
Configuration at scale is hard. At Egnyte, we’d developed a flexible system that was advantageous early on but put increasing stress on our engineers and processes as the company grew. And, being a cloud deployed software product, we needed to be able to serve all of its customers, which meant we had to come up with a solution that addressed our current challenges and set us up to support our future growth as well.
Chat and messaging systems have helped customer experience teams expand and improve the services they offer through instant communications. As customers reach out to your business via platforms like Intercom, they can often share personal information like personally identifiable information (PII), credentials, email addresses, and credit card numbers (for PCI compliance) in their messages.
