A lot of businesses haven’t got time to spend on implementing good Identity Security practices. And a bigger issue is that they don’t know where to start. A good example of this is password management. I’ve had sessions with smaller businesses who think they’re doing the right thing. They’re using a “Password Manager” to stopContinue reading “(Video) Should you let your staff use In-Built Browser Password Managers?”
Author Archives: Daniel Bligh
Mastering Advanced App-Onboarding with Entra
One of the services we offer at Assertiv is application onboarding. This is a unique area of specialisation, as complexity can wildly differ from application to application. We’ve seen customers get burned when they assume their use-case is straight forward. In this blog, I want to show you a unique use case on the moreContinue reading “Mastering Advanced App-Onboarding with Entra”
Why Shadow IT is the Enemy of Identity Security
Today, we are spoiled for choice when it comes to the tools we use to do our jobs. Startups are constantly innovating, providing us with new ways to solve complex problems. One of the most common mediums for delivering these tools is Software-as-a-Service (SaaS). It’s almost too easy. You’re only ever one registration form awayContinue reading “Why Shadow IT is the Enemy of Identity Security”
Superannuation Cyber Breach in Australia, Prevention and Mitigation Techniques
What do we know about the cybersecurity breach against superannuation providers in Australia? Last week, funds were stolen from a small number of superannuation accounts along with personal information stolen from many more. We’ll take a look at the attack and provide some feedback on how this could have been prevented or mitigated. We areContinue reading “Superannuation Cyber Breach in Australia, Prevention and Mitigation Techniques”
Permission Creep – The Hidden Threat in Your Organisation
Permission Creep (also known as Privilege Creep) ranks highly as a cyber threat for any organisation. It typically occurs when staff change roles and nobody bothers to remove their existing access (but read on, as it can materialise in lesser known ways too). It’s also avoidable in almost all cases. The risk of permission creepContinue reading “Permission Creep – The Hidden Threat in Your Organisation”
How Do Organisations Protect Service Accounts?
In today’s complex IT landscape, service accounts play a crucial role in automating and facilitating system-to-system communication. However, their inherent design also presents significant security risks that organisations must address. Unlike user accounts, service accounts typically do not support multi-factor authentication (MFA), making them particularly vulnerable to misuse. As system administrators often employ these accountsContinue reading “How Do Organisations Protect Service Accounts?”
Avoiding Cost Blowouts and Enhancing Agility: The Key to Successful App Onboarding
There is one big mistake many organisations make in their approach to application onboarding. This mistake leads to cost blowouts, poor technical governance, slow onboarding agility, and at worst (and we’ve seen it before) the total abandonment of an identity platform transformation. Before we expose this mistake we need to look at what an appContinue reading “Avoiding Cost Blowouts and Enhancing Agility: The Key to Successful App Onboarding”
Getting to Know the Identity Pillar of Zero Trust Architecture
Zero Trust Architecture (ZTA) is becoming a go-to framework for keeping our networks secure. It’s modern, and it throws away the idea that you can trust traffic that’s ‘on the LAN’. One of the most important parts of ZTA is the Identity pillar. Let’s break down what this means and why it matters for youContinue reading “Getting to Know the Identity Pillar of Zero Trust Architecture”
Introduction to Privileged Access Management (PAM)
Understanding Privileged Access Management: A Key to Cybersecurity I’m guessing if you’re here, you’ve got a lot of accounts with different levels of access, but you’re having trouble managing them all. What’s more, is you’ve got people asking for more accounts and more access every week. Each time a new privileged account is set upContinue reading “Introduction to Privileged Access Management (PAM)”
The (Not) Hackers Mentality – A Strategy for Safeguarding Your Authentication
When designing security for your organisation, consider looking from the outside in. Put on your black hat and think: “If I was trying to hurt this company, what could I do?” Throw away the rule book, disregard that moral compass and listen to the devil on your shoulder. Reckon you could do some damage? YouContinue reading “The (Not) Hackers Mentality – A Strategy for Safeguarding Your Authentication”