Working from home : Cybersecurity tips to follow The latest transport strikes and the isolation of millions of employees to slow the spread of Covid-19 have been the vectors for massive teleworking in 2019 and 2020. The wide use of telework is not without risks for organizations’ information systems. Companies and organizations have less control over the networks, equipment and actions of their employees and, at the same time, must cope with an increase of cyber attacks from entities hoping to take advantage of this situation. Telework :… Read More >>
Workplace Experience, a challenge for companies in 2020? The Workplace Experience corresponds to all the experiences of an employee within an organization. These experiences will be decisive for his professional development, his ability to create value by aggregating skills and knowledge through a maximized collaboration, and ultimately to participate to the achievement of the organization’s objectives. Keys to a successful Workplace Experience The availability of a unique work environment, regardless of the access device, regardless of whether the user is at the company’s premises or on the move,… Read More >>
What exactly is Privileged Access Management? If you work in the IT industry, you’ve probably already heard terms like “Privileged Access Management” (PAM) and “Privileged User Management”. But you didn’t say anything because you didn’t know exactly what it was all about. Don’t worry, in this blog post you’ll learn everything you need to know about Privileged Access Management. PAM according to the Gartner According to the Gartner, “Privileged Access Management” (PAM) solutions are designed to help organizations provide a secure and privileged access to critical… Read More >>
Cybersecurity: a cost that generates savings For organizations, the deployment of cybersecurity solutions represents a significant and yet essential cost. The challenge is to avoid cyber attacks (internal or external to the organization) and therefore their financial consequences (among others). However, this cost must be seen in the context of potential savings that can be realized when a cyber attack fails thanks to the cyber security solutions deployed by the target organization. In their ninth annual study “The cost of Cybercrime” [01], Accenture Security and the… Read More >>
Password vault : its potential for cybersecurity Are you one of the 83% of Internet users who use the same credentials for several sites? If the answer is 011011110111010101101001, it means that it may be time to consider using a password “vault”. Password “vault”, what is it? By using a password “vault” or password manager, all passwords are secured. For example, it is possible to create unique and robust passwords for all applications, so you don’t forget them. The main features of a password “vault”: Data storage… Read More >>
The human face of the workplace A world without users? “Automation”, “DevOps”, “Robotic Process Automation” (RPA), bots, chatbots and other robots, “artificial intelligence” (AI), … According to some people, users will disappear from the scene: the omnipresence of computing, called “digital”, will eventually replace them, do everything for them, and even do more and better than they do. Clearly, as the French song goes, “we are very little things, …”. Will dematerialization go so far as to dematerialize the user? Is there anyone still behind the… Read More >>
European Cybersecurity Act : What certification process ? In 2017, the European Commission published a series of initiatives to strengthen the EU’s resilience, deterrence and defense against cyber attacks. These measures include the proposal for a Regulation on ENISA and the certification of information and communication technologies for cybersecurity (European Cybersecurity Act). This regulation gives ENISA a permanent mandate and strengthens its expertise in prevention, consultancy and cooperation. The European Cybersecurity Act also includes a second component aimed at creating a European cybersecurity certification framework, in which ENISA… Read More >>
Cybersecurity Act : What’s going to change? After being approved by the European Parliament on March 12, 2019, the Cybersecurity Act was finally adopted after its publication in the Official Journal of the European Union on June 7, 2019. The Cybersecurity Act strengthens the European Union Agency for Cybersecurity (ENISA) and establishes a European framework for the certification of cybersecurity products and services. A permanent mandate and more resources for ENISA With the Cybersecurity Act, ENISA, the European Union Agency for Cybersecurity, created in 2004, receives a… Read More >>
TISAX®, an information security mechanism in the automotive industry Based on the standard ISO 27001 and adapted to the requirements of the automotive field, the TISAX® (Trusted Information Security Assessment Exchange) mechanism was developed by the VDA (Verband der Automobilindustrie, the German automotive industry association) in partnership with an association of European automotive manufacturers, called the European Network Exchange (ENX). The TISAX® security audit mechanism allows the mutual acceptance of information security assessments (carried out by trusted and certified third parties) in the automotive industry and provides a common… Read More >>
A compliant but also effective solution Having no problems is the biggest problem of all. Taiichi ÔNO For at least ten years now, I have been telling prospects, students, employees, etc. that a security evaluation can be interpreted as an assessment of effectiveness in relation to security objectives. In other words, an evaluation (in the field of IT security) seeks to demonstrate that a product (or system) meets defined objectives in a compliant and effective manner. The day after my eldest daughter’s birthday, barely recovered from… Read More >>
Digital Confidence Management of privileged accounts: 5 key recommendations to protect your Information System