How to secure the BYOPC? Widely democratized in recent months due to the unexpected and massive lockdown caused by the first wave of the Covid-19 epidemic, the BYOPC (Bring Your Own PC) concept is now becoming a real issue for the IT departments of organizations. For them, this practice provides as many organizational solutions as it generates security issues for the information system. While it is generally not recommended to let employees use their personal computers to access their organization’s applications and resources, today there… Read More >>
After teleworking, are we heading towards a democratization of flex office? While telework has widely developed in organizations in 2020 due to the Covid-19 pandemic, flex office now appears as the next logical step in the reorganization of workspaces. Regular teleworking (for example one or two days a week) promotes a reorganization of offices: for the same number of employees, fewer workstations are necessary within the organization’s premises. What is the flex office? The flex office concept means that there is no dedicated office for each employee. When they are on… Read More >>
User Behavior Analytics (UBA): key applications for cybersecurity While User Behavior Analytics (UBA) is not a new concept, its applications are multiplying as Machine Learning becomes more mature. By associating Machine Learning and Big Data, UBA updates the patterns (reference models) and detects any deviation that is potentially dangerous for the information system. What is User Behavior Analytics? User Behavior Analytics is a category of applications that analyzes the user’s behavior and detects abnormal and potentially malicious actions. This behavioral analysis, which can be applied to all users,… Read More >>
Behavioral biometrics: A new authentication factor which needs to develop Still marginal today, behavioral biometrics is already revolutionizing paradigms and authentication methods. By strengthening the security of information systems and making authentication more comfortable for users, this new factor is essential in the dynamic context created by today’s technological evolution and society. Indeed, the traditional password is becoming increasingly obsolete and used alone, it does not guarantee a sufficient level of security. Multi-factor authentication responds to this issue, with a trend towards the use of factors inherent to the user… Read More >>
What are the regulations for OVI and OES? The multiplication of attacks and threats to organizations’ information systems has prompted the French government and the European Union to implement recommendations and rules for private companies and public administrations. The requirement level of these rules and recommendations varies according to the importance of the target organization. They are optional for organizations considered as non-sensitive, but, at different levels, mandatory for OVI (Operators of Vital Importance) and OES (Operators of Essential Services). Limiting the cyber risk of OVI and OES… Read More >>
6 advantages of the democratization of telework Still very limited a few years ago, telework has taken a drastic yet salutary step forward for the large number of organizations that have used it: in many cases, it was the only way to maintain the economic activity without putting employees at risk of health hazards. This forced democratization of telework has proved to be beneficial in this period of health crisis, but it will also be beneficial in the future and in a much broader context than just… Read More >>
The Zero trust chain Over the last few years, “Zero Trust” has been established as the reference model for information systems security. While ZTNA (Zero Trust Network Access) is one of its essential building blocks, “Zero Trust” goes beyond external access rights. A whole chain of trust is required to implement this model: identity and access management (IAM), privileged user management (PAM) and application virtualization (VDI). To be effective, this “Zero Trust” chain of trust must be seen as a set of interdependent solutions… Read More >>
Secure Access Service Edge: A Paradigm Shift The network and network security world is experiencing, like any other technology, its digital revolution. The traditional vision of “inside the firewall” and “outside the firewall” has been shattered: Internet has become the network of the extended enterprise. Secure Access Service Edge: Trends Leading to a Paradigm Shift Moving from a “network-centric” architecture to a “user-centric” and “application-centric” architecture. On the one hand, the cloud and the decentralization of servers and applications in disparate clouds; on the other hand, the… Read More >>
Covid-19: the forgotten side of teleworking A few days ago, a survey conducted by Odoxa-Adviso Partners estimated that there are 5.1 million people teleworking in France during this period of covid-19 health crisis. This means that 3.3 million employees have the possibility to work remotely, in addition to the 1.8 million who already occasionally had this possibility before. This flexibility is excellent news for our economy because it allows us to maintain part of the nation’s productive force, and also to save a few billion in… Read More >>
Making the administration workstation incorruptible with a hardened thin client terminal The terminal allowing administrators to access the administration network is a key element for the global security of organizations’ information systems. A possible corruption of this terminal is a major risk for companies. The use of a hardened thin client terminal communicating with administration virtual desktops allows you to take advantage of the specific and secure architecture of a hardened thin client terminal while benefiting from the functionalities of Privileged Access Management (PAM) solutions thanks to virtualization. Prerequisites for using… Read More >>