Blog posts

ITGC Controls: Why Are They Essential And How To Execute Them?

ITGC Controls: Why Are They Essential And How To Execute Them?

Today, no organization escapes demonstrating the security and compliance of access rights which are subjected to regulatory standards (ISO 27001, ISO 27002, ISAE 3402, SOC 1 and 2, SOX, CMMC, HI Trust, HIPPA, CRBF, Solvency, etc.). The implementation of IT General...

Are User Access Review And Access Recertification The Same Thing?

Are User Access Review And Access Recertification The Same Thing?

Do you know the difference between user access reviews and access recertification? They sound like they could be interchangeable, but nothing could be further from the truth. Although both are designed to protect the resources within your information systems (IS), the...

Why Is Privileged Access Management Important To Your Organization?

Why Is Privileged Access Management Important To Your Organization?

Privileged accounts, a frequent target with real risk of cyber attack   Today, organizations must deal with many types of threats (cyber-attacks, fraud, theft and compromised data), which multiply when we add in the digital transformation, working from home and...

Follow The EBA/EIOPA Guidelines To Secure Logical Access Rights

Follow The EBA/EIOPA Guidelines To Secure Logical Access Rights

Nearly two years ago, the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) defined their guidelines for risk management related to both information and communication technologies (ICT) and security for the...

10 Best Practices to Optimize Your User Access Reviews

10 Best Practices to Optimize Your User Access Reviews

A tedious requirement for companies   For any organization, the user access review is an important practice. As a critical component of your Identity and Access Management (IAM) strategy, this control mechanism ensures that your Information System (IS) users have...

Privileged Accounts:  Learn To Recognize Them To Better Protect Them!

Privileged Accounts: Learn To Recognize Them To Better Protect Them!

It is no secret that all organizations use privileged accounts, and for good reason: they give users certain privileges that allow them to control systems, resources and applications. Privileged accounts and passwords are particularly targeted during cyberattacks and,...

Can An IAM Project Be Done Without Identity Analytics?

Can An IAM Project Be Done Without Identity Analytics?

Almost two years ago, Gartner made an observation about Identity and Access Management (IAM) projects, saying that the deployment of more than half of them posed problems and was subject to major execution difficulties. Two years later, this assessment is still...

Review of Infrastructure Access: How to do it? Why do we need it?

Review of Infrastructure Access: How to do it? Why do we need it?

Infrastructure access is not always well understood, controlled or reviewed. IAM/IGA projects generally focus on application rights while neglecting infrastructure access. As a result, it is common to find that accounts and the rights assigned to them accumulate...

What Is A User Access Review?

What Is A User Access Review?

Organizations evolve every single day. Some of the changes include the departure of an employee, the arrival of a new colleague, the implementation of an innovative application, and the launch of a project involving external service providers.  Each event impacts the...

Identity Analytics Is At The Heart Of A Cybersecurity Strategy

Identity Analytics Is At The Heart Of A Cybersecurity Strategy

We live in a world where all users, whether employees, providers, sub-contractors, partners or customers, have become intense consumers of data and IT services. Additionally, with the new work-from-home phenomenon, it has become impossible to control the workspace or...

What Is Privileged Access?

What Is Privileged Access?

Whether on-premise or in the cloud, privileged access is everywhere, scattered throughout a company's infrastructure. On average, there are three times as many privileged accesses as there are employees within an organization. All organizations now use privileged...

ITGC IT General Controls

ITGC IT General Controls

ITGC How did it begin? In October 2001 when the Enron scandal broke, the company specialized in energy brokerage, at the time one of the largest market capitalizations in the world. The focus of the scandal was a recurring falsification of accounts, with the...