Implementing Role-Based Access Controls for Third-Party Access

Role-Based Access Control or RBAC as it’s commonly referred to as, has been considered a core best practice for organizations to protect their IT assets for a long time. According to NIST, where it originated in a research paper several decades ago, there are three key aspects to a proper RBAC implementation: least privilege, separation […]

How To Catalog Vendors With Access to Your Network

Working with vendors, business partners, and other third parties is a fact of life for most organizations. However, once vendors are selected, vetted, and onboarded, they will often be given remote access to your network, and that’s where problems can arise. Even one vendor can increase the risk that your network might be compromised; when […]

What’s the cost of not implementing a vendor management platform

Regularly the conversation around any sort of platform revolves around what the costs are: what is the base cost, if there are any add ons, and if you have to pay for support. However, sometimes it makes more sense to think about what the costs are if you forgo to implement a software platform. And […]

Avoiding Healthcare Vendor Compliance Nightmares with Third-Party Remote Access Best Practices

By Tony Howlett As the move to focus corporate resources on core business functions has increased and intensified, the outsourcing trend has impacted all sizes and types of companies. With the software as a service (SaaS) model becoming the norm within most enterprises, very few technology platforms are developed and maintained exclusively in-house. Even infrastructure […]

How to evaluate different pricing models for cybersecurity software platforms

When evaluating a cybersecurity solution, there are many factors that come into play. Obviously features and functionality should come first. After all, a cheap solution that doesn’t properly solve the problem you’re trying to solve is no solution at all. But at the end of the day, we all have budgets and rarely cost no […]

Using Video Conferencing Tools Securely During COVID-19

By: Tony Howlett, CISO, SecureLink Since the world-wide spread of the COVID-19 virus over the last two to three months, many challenges have been thrown at organizations of all kinds and sizes. With much of the country and world under “shelter-in-place” or similar orders from governments, many workforces, especially white-collar ones, have gone to near […]

How to Survive a Cybersecurity Audit

If you’re in a regulated industry or serve customers that are, sooner or later you will probably have auditors examine your cybersecurity setup. This may be on the behalf of clients, or for your own internal corporate governance. No matter the reasons, IT and security administrators often stress at the thought of auditors going through […]

Why MSPs Should Care About Cybersecurity

As a Managed Service Provider (MSP), there are many things you need to focus on to be successful in your business. You have to be a subject matter expert in your particular area in order to convince companies to outsource that function to you, customer service is always important, and response time and time to […]

Multi-Factor Authentication is an Underutilized Tool in Protecting Against Privileged Credentials Breaches

By Tony Howlett While it’s no surprise that nearly every major data breach of the last few years has involved the use of privileged credentials, it is surprising that one of the most effective security measures remains underutilized. Cyber criminals are looking for the most vulnerable access point, and then once inside, they want more […]

PAM vs. VPAM … What’s the Difference?

Privileged Access Management (PAM) is a newer technology within the Identity and Access Management (IAM) space that focuses on applying additional controls and protections on accounts with privileged or administrative rights. It’s one of the fastest-growing segments of the cybersecurity technology space and is a combination of tools and technologies used to secure, control, and […]

Share this page