Our Thinking

Dan Legault

Recent Posts

How GDPR Can Help the Privacy of Facebook Users

Posted by Dan Legault on Apr 17, 2018 5:37:13 PM

In light of Mark Zuckerberg’s appearance in front of Congress last week, Business Insider reported that Zuckerberg’s personal notes had the following reminder:

Read More

Topics: Risk Assessments, Security, GDPR

You have IAM controls defined - now what?

Posted by Dan Legault on Jun 21, 2017 3:26:42 PM

To implement security measures efficiently, organizations should start with the definition of policies and procedures and then focus on implementation projects.

One of the critical security measures is to enforce IAM controls throughout your organization.  In the course of working with hundreds of clients over the years, we’ve found that most organizations lack appropriate IAM policies and procedures, thus creating security deficiencies. 

Read More

Topics: Security

Are your privileged accounts under control? – Part Three: Who’s watching the watchers?

Posted by Dan Legault on Apr 28, 2017 4:32:41 PM

In previous blogs under the theme “Are your privileged accounts under control?”, the discussion focused on establishing foundational services to address privileged access and creating a prioritized and strategic two-year roadmap. But what about year three? Once you’ve got your foundational services in place and humming, next you can start looking at the advanced capabilities of privileged access management, and focus on “who is watching the watchers?” Who is keeping an eye on the keepers of high-risk accounts such as administrators?

Read More

Topics: Security

Are your privileged accounts under control? - Part Two

Posted by Dan Legault on Mar 24, 2017 3:39:59 PM

In our last blog, we introduced and expanded our analysis of how organizations keep their privileged accounts under control. We exposed the magnitude of the sensitivity of these accounts and the capabilities that may be required by them. Then, we introduced leading practices to get the accounts under control, mainly by executing a sound strategy. Now we will continue the discussion and reveal what the strategy should cover as well as how to manage its success.

Read More

Topics: Security

Are your privileged accounts under control? - Part One

Posted by Dan Legault on Mar 15, 2017 3:03:12 PM

Are your privileged accounts under control? This seems like a straightforward question but before you answer it, let’s take a step back and put the question into context.  

Read More

Topics: Security

Taking an IAM View of Verifone's Breach

Posted by Dan Legault on Mar 9, 2017 5:24:15 PM

Another major breach was disclosed on this week’s Krebs blog by acclaimed cybersecurity reporter Brian Krebs. He reported that Verifone is investigating a breach of its internal computer networks.  According to the article, it appears to have impacted several companies running Verifone’s point-of-sale solutions. The company says the extent of the breach was limited to its corporate network and that its payment services network was not impacted. It also appears that social engineering tactics were employed to gain initial access.

Read More

Topics: Security

Our Thinking - The Online Blog is a source for insights, resources, best practices, and other useful content from our multi-disciplinary team of Onliners.

Subscribe to Blog Updates

Recent Posts

Posts by Author

see all