Privileged access management (PAM) solutions have been around in various forms for decades now. Whether you want a password vault, session management, reduced privilege or a combination of privileged management workflows, there’s been no shortage of vendors to choose from. So why does the thought of PAM still make admins shudder? Surely, it should be enjoyable to have a PAM solution humming along, reducing your organization’s risk while you, the admin, focus on your other duties.

The entitlement review definition is simple: a review of user access permissions and other rights. The goal of a user entitlement review is to ensure that each user in the IT environment has access to the data they need to do their job and nothing more — the principle of least privilege. A structured and regular entitlement review process helps mitigate security risks and protect sensitive data.

Are you in the process of evaluating privileged access management solutions? Read on to learn what you should focus on to choose the right PAM solution to protect your organization’s data.

On May 1, 2021, ISC² implemented a refreshed set of objectives for the CISSP certification exam for security professionals in order to keep it relevant to the latest technologies and cybersecurity standards, requirements and processes. New information security concepts, terms and acronyms have been added and others are better covered.

Zero Trust is a security model — a strategy for protecting an organization’s IT assets, including data, services and applications. The Zero Trust model is built upon research more than a decade ago by analysts at Forrester, and it is now recommended by many security experts and vendors, including Microsoft. Zero Trust is a security architecture model that requires no implicit trust to be given in any quarter.

The California Privacy Rights Act (CPRA) is an extension of the 2018 California Consumer Privacy Act (CCPA). The goal of both laws is to enhance the privacy rights of California residents with regards to the personal information that companies collect about them, giving them the right to see, delete and limit the sale of that data. The CPRA will be fully implemented in mid-2023. In this article, we will take a close look at the provisions of CPRA and how it amends the CCPA.

Although external cybersecurity attacks and malware make for sensational headlines, the biggest security threat most organizations face comes from trusted insiders with privileged access to sensitive data. Cybersecurity Insider’s 2020 Insider Threat Report reveals that 68% of organizations report that insider attacks are becoming more frequent and that they feel vulnerable to them.

I can’t tell you how many times I’ve been asked by customers if we can help them apply sensitivity labels at scale to data at rest in SharePoint Online. Unfortunately, I’ve had to tell them that there’s really only one option, and it’s not pretty. To date, there is no API that allow an end user to apply a sensitivity label directly to a file in a SharePoint Online site, so the only real option is to download the file locally, apply the label and then upload the file.