Blog posts

Follow the EBA/EIOPA guidelines to secure logical access rights

Follow the EBA/EIOPA guidelines to secure logical access rights

Nearly two years ago, the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) defined their guidelines for risk management related to both information and communication technologies (ICT) and security for the...

10 Best Practices to Optimize Your User Access Reviews

10 Best Practices to Optimize Your User Access Reviews

A tedious requirement for companies   For any organization, the user access review is an important practice. As a critical component of your Identity and Access Management (IAM) strategy, this control mechanism ensures that your Information System (IS) users have...

Privileged accounts:  learn to recognize them to better protect them!

Privileged accounts: learn to recognize them to better protect them!

It is no secret that all organizations use privileged accounts, and for good reason: they give users certain privileges that allow them to control systems, resources and applications. Privileged accounts and passwords are particularly targeted during cyberattacks and,...

Can An IAM Project Be Done Without Identity Analytics?

Can An IAM Project Be Done Without Identity Analytics?

Almost two years ago, Gartner made an observation about Identity and Access Management (IAM) projects, saying that the deployment of more than half of them posed problems and was subject to major execution difficulties. Two years later, this assessment is still...

Review of Infrastructure Access: How to do it? Why do we need it?

Review of Infrastructure Access: How to do it? Why do we need it?

Infrastructure access is not always well understood, controlled or reviewed. IAM/IGA projects generally focus on application rights while neglecting infrastructure access. As a result, it is common to find that accounts and the rights assigned to them accumulate...

What is a user access review?

What is a user access review?

Organizations evolve every single day. Some of the changes include the departure of an employee, the arrival of a new colleague, the implementation of an innovative application, and the launch of a project involving external service providers.  Each event impacts the...

Identity Analytics is at the Heart of a Cybersecurity Strategy

Identity Analytics is at the Heart of a Cybersecurity Strategy

We live in a world where all users, whether employees, providers, sub-contractors, partners or customers, have become intense consumers of data and IT services. Additionally, with the new work-from-home phenomenon, it has become impossible to control the workspace or...

What is privileged access?

What is privileged access?

Whether on-premise or in the cloud, privileged access is everywhere, scattered throughout a company's infrastructure. On average, there are three times as many privileged accesses as there are employees within an organization. All organizations now use privileged...

ITGC IT General Controls

ITGC IT General Controls

ITGC How did it begin? In October 2001 when the Enron scandal broke, the company specialized in energy brokerage, at the time one of the largest market capitalizations in the world. The focus of the scandal was a recurring falsification of accounts, with the...