Blog
Explore our articles
Why does your organization need aPAM solution?
If you have already heard about PAM, but still don't know its benefits for companies of all sizes and segments, read our text. In it, we present the main functionalities of privileged access management solutions. Privileged Access Management (PAM) solutions are a...
SaaS, PaaS and IaaS: Learn about theCloud Computing Options
Understand these solutions to choose the best alternative for your business. For many years, we have been using cloud computing to access files that are not stored on a computer, but on email servers, social network websites, or internet pages, without the need of...
What does a Chief Information Security Officer (CISO) do?
A Chief Information Security Officer (CISO) is a high-level professional responsible for the digital security of a company. If you aspire to obtain this position, read our text until the end. In it, we explain more about the profession. With the advancement of...
An overview of essential certifications for CISOs
In the world of cybersecurity, the role of a CISO is crucial in protecting data and sensitive information. To excel in this career, it is necessary to have certain certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical...
What is the role of a CISO during a cyber attack?
The CISO plays a crucial role in incident management during cyber attacks as they are responsible for implementing containment and eradication measures. However, it is also their role to detect and prevent threats. Learn more in this article about the responsibilities...
Security Training Best Practices for Privileged Users
It is essential to train privileged users to avoid cyber threats, as they are the primary victims of hackers. Read our article and learn how to do it. Privileged user credentials are among the main targets of cybercriminals since they allow them to access data and...
How to Measure the Success of Your Cyber Awareness Campaign
Human users are more vulnerable to cybercriminals than machines. For this reason, organizations invest - or should invest - in cyber awareness campaigns. If you already have this type of initiative, check out our article and discover if you are achieving your goals....
The Biggest Vectors of Cyberattacks in SMEs
Small and medium-sized enterprises usually do not make or have the capacity to make large investments in digital security, which makes them vulnerable to the action of hackers. Do you want to learn more about it? Read our text to the end. Small and medium-sized...
The Main Types of Cyberattacks in Cloud Environments
Cloud services facilitate the routine of companies and optimize their productivity, especially in the context of remote work. However, they can present security vulnerabilities. Follow our article and understand it. With the mass migration of organizations to remote...
Concepts of Federated Identity Management
Federated identity management enables authorized users to access multiple platforms using a single set of credentials. To learn more about it, read our text. In the past, each website or application required a set of credentials. This meant every time you wanted to...
Data Protection Laws: Why Should I Comply with Them?
Much discussed today, data protection laws are regulations developed by governments and have come into force to protect the personal and confidential information of data subjects. However, many companies have not yet adapted to these laws and may be impacted by...
What Is and How Does Bring Your Own Technology Work?
Bring Your Own Technology (BYOT) is a practice adopted by companies that allow employees to use their own personal devices at work. The adoption of this concept favors professionals, who use devices with which they are familiar, and companies, which invest less in...
senhasegura’s participation in the ISA Global Cybersecurity Alliance
The topic of cyber threats is becoming increasingly present on the agendas of organizations of all sizes and verticals. With the intensification of the digital transformation movement through the introduction of technologies such as 5G and the Internet of Things,...
The Biggest Ransomware Attacks of 2022
Ransomware is malicious software used by cybercriminals to block systems or encrypt data and demand ransom payments to unlock access to these resources.In this article, we show you the biggest ransomware attacks of 2022 that caused data leaks. Check it out: ...
SysAdmin: Who Is this Professional, and What Do They Do for Your Company’s Website?
The area of information technology grows every year, making this market quite promising. After all, all companies need the support of professionals in the area, regardless of their size or industry. However, many countries suffer from a shortage of qualified...
BYOD Security: Complete Guide
The Covid-19 pandemic has accelerated the digital transformation process and forced many organizations to operate remotely. In many cases, employees started to use their personal devices to access corporate data and resources. This practice is known as Bring Your Own...
How Does PAM Help Protect Remote Access?
With the imposition of social distancing caused by the Covid-19 pandemic, most companies began to migrate to remote work, adopting solutions such as cloud computing. According to Forrester, more than 50% of IT leaders have revealed the need to adapt to this reality,...
senhasegura introduces the “Jiu-JitCISO” concept to show the power of Brazilian cybersecurity
Written by Priscilla Silva São Paulo, January 13, 2023 - "Like Jiu-Jitsu senhasegura is about self-defense. Every company must know how to protect itself and its clients". This is the aim based on the philosophy of the Japanese martial art, but made popular and...
CISA and FBI Release ESXiArgs Ransomware Recovery Script
The US Cyber Security and Infrastructure Agency (CISA) and the Federal Bureau of Investigation (FBI) released this week a recovery guide for the ESXiArgs ransomware, which has harmed thousands of companies globally. This was because malicious attackers were allegedly...
2023 KuppingerCole Leadership Compass: senhasegura is a PAM leader for the second year in a row
Written by Ina Schindler and Priscilla Silva São Paulo, January 30, 2023 - The Privileged Access Management (PAM) solution senhasegura achieves a top position in the "Leadership Compass 2023". The report is produced by the renowned IT analyst firm KuppingerCole to...
International Data Privacy Day: Why Is This Date Important?
On January 28, we celebrate the International Day for the Protection of Personal Data, or Data Privacy Day. This date leads us to reflect on the importance of laws that safeguard the correct processing of private information in the most diverse countries. Data Privacy...
senhasegura is the only solution to get 100% recommendation in the 2022 Voice of the Customer
Written by Priscilla Silva São Paulo, January 20, 2023 - Based on final users reviews, senhasegura is listed in the recently published December 2022 version of the Gartner Peer Insights "Voice of the Customer" report for Privileged Access Management (PAM) as the only...
How Do You Choose the Best Cybersecurity Project For Your Company?
The IBM Cost of a Data Breach 2022 report brought a lot of information that shows the importance of choosing a good cybersecurity project for your organization. According to information extracted from this document which included interviews with more than 3,600 people...
Machine Identity Management Best Practices
Remote work and the adoption of cloud computing surfaced the concept of identity as a perimeter.In this sense, although it is not new, identity security first gained urgency as malicious attackers began to use machine identity management and access to achieve their...
What is An Incident Response Plan (IRP) and Why is It Important to Have One?
With the evolution of technology and the revolution in the information age, the concern with data security has become more and more constant for companies, governments, and users. Since data are fundamental assets for the growth of companies, investing in protection...
The Highlights of the IBM Cost of a Data Breach 2022 report
Companies of all sizes and industries should be concerned about the impacts of a data breach, since, according to the IBM Cost of a Data Breach 2022 report, its average cost is $4.35 million, and 83% of companies had more than one breach. With this in mind, we...
How to Manage Privileges in Endpoints?
If you are running an organization, you should be concerned with managing endpoint privileges to ensure devices such as laptops, smartphones, and tablets do not pose a threat to the cybersecurity of your company. In this sense, one can use a PAM solution to support...
Retrospective – Cybersecurity Forecasts for 2022
We are in the last quarter of 2022. Yes, it is the end of the year, and we are headed to prepare for 2023. This is also the time when markets in general, including cybersecurity, are preparing to present their forecasts for the following year. We, from senhasegura,...
How Does PAM Help Protect Against Ransomware Attacks?
According to data extracted from a Cybersecurity Ventures' survey, ransomware costs will reach $20 billion next year. The survey also predicts this type of cyberattack will target corporations every 11 seconds. Ransomware consists of malware used by malicious agents...
Critical Factors for the Success of Cybersecurity Projects
Not investing in cybersecurity is a mistake that can cause incalculable loss to organizations. After the Covid-19 pandemic, digital vulnerability has reached alarming numbers with the implementation of the home office work model, bringing the need to develop effective...
Top 7 Types of Phishing Attacks and How to Prevent Them
Social engineering, in the context of information security, consists of practices performed by hackers to manipulate users to take actions that go against their interests, exploiting their vulnerability and lack of knowledge for their benefit. One of the main types of...
ISO 27001 – What is the importance of having achieved the certification
The process of digital transformation has intensified in companies of all sizes and industries, and is considered an essential factor for business success. One of the main consequences of this process is the exponential growth in the amount of data from customers,...
Principle of Least Privilege: Understand the Importance of this Concept
Granting administrator access to a user who does not even have time to explain why they need this permission is not an efficient way to solve a company's problems but rather to harm its security. This is because sensitive data can fall into the wrong hands through a...
How to Prevent DDoS Attacks in Your Company?
There are several methods by which malicious agents attack websites and destabilize network services and resources. One of the most widely used techniques is the DDoS attack, which means distributed denial-of-service. Through this attack, a website ends up becoming...
Gartner and PAM: What Does One of the Most Important Consulting Companies in the World Say About this Cybersecurity Solution?
All of us have already heard of digital transformation at some point. This phenomenon affects companies of all verticals and sizes and has been gaining prominence in the market. Digital transformation increasingly requires organizational leaders to adapt their...
The Biggest Cybersecurity Challenges for the Internet of Things
The Internet of Things is now a part of our reality, making it possible to connect items used in everyday life with minimal human intervention and optimize the performance of equipment through connectivity. This concept is present in the video surveillance cameras we...
senhasegura MySafe – Your personal Vault
With the multiplication of computer systems, passwords have spread out both in our personal and professional lives. And the protection of credential passwords has become a major concern not only for organizations but also for society. And no wonder why those...
Lessons learned from the Uber data breach
Uber employees last month discovered a hacker intrusion into their internal network. This was possible because the attacker announced his feat on the organization's Slack channel, as well as sharing it with the New York Times, which brought the story about the Uber...
What Are the Costs Associated with a PAM Solution?
Investing in cybersecurity is indispensable for companies of all sizes and industries, since threats such as data leaks and hacking attacks generate great financial losses. Thus, one of the most important measures in this regard is to rely on a PAM solution, which...
Why Should You Participate in the Cybersecurity Awareness Month
For some time now, the cybersecurity aspect has not been restricted to the environment of large organizations. Malicious attackers have been targeting their criminal activities on companies and individuals every day, greatly increasing cyber risks…
Applying Zero Trust to PAM
The implementation of the Zero Trust-based security model has gained space in recent times, promoting the default approach of never trusting, and always checking before granting access to a company's perimeter. This practice is extremely important to ensure...
How to Apply Account Lifecycle Management?
In this article, we will show you how account lifecycle management works through best practices and what are the advantages of investing in the senhasegura PAM solution. Our text is divided by topics. They are as follows: What Is Account Lifecycle and Its Management?...
Password Vault: A Complete Guide
The use of many credentials to access various services often causes people to opt for weak passwords or the reuse of passwords, making loopholes for the action of malicious agents. Moreover, the explosion in the number of connected devices due to technologies such as...
Secrets of Cyber Resilience
In recent years the world has considerably evolved, with organizations increasingly adopting digital initiatives, like Cloud, IoT, Big Data, Artificial Intelligence and Machine Learning. And the Covid-19 pandemic has forced organizations to accelerate the adoption of...
Gartner Identity & Access Management Summit Why should you consider attending
Cybersecurity is an increasingly present topic at meetings at all levels of an organization. And with the increase in digitalization and connectivity of companies, cyber risks are increasingly associated with business risks and are not limited only to large...
The 14 Best Cyber Podcasts in 2022
When it comes to cybersecurity, staying informed is one of the first steps to avoid risks such as data leaks and hacker invasion, which can generate a series of disruptions in an organization, even compromising business continuity. The good news is that there is a lot...
How to Choose a PAM Solution?
PAM was voted the #1 cybersecurity project by Gartner for two years in a row. This is because it is a strategic measure to choose a PAM solution as a tool to promote cybersecurity in organizations, which allows one to control privileged access for users, accounts,...
What Are RDP and SSH, and What Is Their Role?
Accelerated by the COVID-19 pandemic, remote work has seen a considerable boost in recent years, making many people understand what RPD and SSH are in practice, as they need to apply these protocols in industries. However, with increased remote access, exposure to...
How Does PAM Help Protect Remote Access?
With the imposition of social distancing caused by the Covid-19 pandemic, most companies began to migrate to remote work, adopting solutions such as cloud computing. According to Forrester, more than 50% of IT leaders have revealed the need to adapt to this reality,...
How to Appropriately Protect Remote Access from Cyberattacks
The Covid-19 pandemic has brought the need for many companies to join remote work with it. The mass adoption of this modality resulted in a significant increase in cyberattacks on IT business structures through breaches in the security of remote accesses. The...
Network Security Perimeter: Why Is This Concept Obsolete?
For a long time, companies had data centers as their IT infrastructures, which needed to be protected from external agents. Business-critical data was embedded in these allocations, including internal networks, client devices, Internet gateways, applications, and...
How Has Robotic Process Automation Revolutionized Routine Execution?
Many people fear the elimination of jobs due to the adoption of Robotic Process Automation, since robots are able to perform tasks previously performed by humans. However, we understand this technology is not able to replace all of our capabilities. We know that RPA...
SSL Certificates: What You Need to Know
According to the International Telecommunications Union (ITU) report published at the end of 2021, about 4.9 billion people used the Internet that year. This represents a jump of 800 million more people than before the pandemic. This means that every day, an...
Cloud IAM: What Do You Need to Know?
With the adoption of remote work by most organizations, the need to join cloud computing and invest in solutions that provide security in this context has also increased. Therefore, we recommend using Cloud IAM to limit the privilege of users according to their roles,...
The 3 Aspects Affecting Cybersecurity in Industry 4.0
Like other industrial revolutions, Industry 4.0 came to transform the way of working with the digitalization of manufacturing environments. However, this feature poses several challenges in terms of cybersecurity. This is because increasingly sophisticated tools allow...
How Does ISA 62443 Assist in Protecting Industrial Networks?
The constant evolution of technology has enabled a series of innovations in the industrial sector, among which we can highlight the use of artificial intelligence, the Internet of Things, and advanced robotics. However, these advances have increased the possibilities...
Cyberwarfare: Why Should Everyone Be Worried?
The cyberwarfare subject has come to light recently due to the attacks that preceded the conflict between Russia and Ukraine. However, this concept is not new and Ukraine is not the first country to suffer politically motivated cyberattacks. Despite this, the...
What were the hottest topics during RSA Conference
Cybersecurity issues have gained importance in organizations of all sizes and segments. After all, cybersecurity risks are increasingly associated with business continuity, which makes the protection of the infrastructure a hot topic from the operational through...
Certificate Management – Stop Worrying About It
The process of digital transformation with the introduction of technologies such as 5G, DevOps and Internet of Things has caused an explosion of connected devices in organizations. According to Cisco, there were more than 20 billion connected devices in 2021, and the...
How Does PAM Assist in Hiring Cyber Insurance?
Organizations are increasingly exposed to cyber threats, which justifies hiring insurance to cover losses related to hacker attacks, incidents, and human failures. Nevertheless, ensuring this additional protection can be a major challenge, as insurers require...
Verizon Data Breach Investigation Report 2021: What You Need to Know About This Report
Human interaction with IT structures represents one of the main cyber threats faced by organizations of the most diverse sizes and industries. This is just one of the important pieces of information extracted from the Verizon Data Breach Investigation Report 2021,...
Building Digital Manufacturing Through PAM
With the evolution of technology, manufacturing sectors are increasingly digitalized through solutions that optimize the processes carried out in these environments, reducing costs, eliminating human failures, and generating more productivity. Among the technologies...
Just-In-Time Privileged Access: Understand this Subject
In this article, we present the concept of just-in-time privileged access, its benefits, and mode of operation, among other extremely important information on the subject. To facilitate your reading, we divided our text into topics. They are: What Is Just-In-Time...
What Can I Do to Decrease Cyber Insurance Amounts?
When it comes to information security, the risks to organizations are increasing by several factors. As an example, we can mention the increase in the number of cyberattacks, especially after the Covid-19 pandemic, which accelerated the mass adoption of remote work,...
What are the actions performed during a privileged access
Nowadays, cyber-attacks have become increasingly common and hit more and more companies, of all verticals and sizes. According to the SonicWall 2022 Cyber Threat report, the number of cyberattacks involving data encryption increased by 167% in 2021, reaching 10.4...
Achieving Sarbanes-Oxley (SOX) Compliance Using Cybersecurity Controls
The Sarbanes-Oxley Act (SOX) is primarily associated with business transparency and the use of accounting and financial controls to protect investors from fraudulent financial reporting. However, it is always important to remember the ever-increasing pivotal role...
Privileged Access Management (PAM): A Complete Guide
In 2021, there was a 50% increase in the number of attacks on corporate networks compared to the previous year. This is pointed out by Check Point Research (CPR), Check Point's Threat Intelligence division. And many of these attacks involve exploiting this type of...
What Is the Risk of Hardcoded Passwords For Your Business?
Today's organizations rely on numerous business applications, web services, and custom software solutions to meet business communications and other transaction requirements. Typically, multiple applications frequently require access to databases and other applications...
Greatest Cyberattacks On U.S. Companies In The Last 10 Years
Virtually every day we see news of data breaches, which affect organizations of all types and sizes. From startups to global companies, they are subject to cyber attacks aimed at stealing (or even destroying) data. After all, the question is not “if”, but “when” an...
Best Practices for Data Theft Prevention
It is important to emphasize that, with the digital transformation and the increase in the use of digital media identified in recent years, there has also been a spike in the practice of cybercrime, that is, those crimes that occur through virtual means. These crimes...
Password Reset As An Essential Process for Privileged Access Management
With the emergence of cloud-based technologies, there is a growing demand and the consequent increase in services offered in this format. In this scenario, in which there were only two or three credentials to perform online tasks, today, the user is forced to deal...
Cyber Insurance – Why your company should consider it
Hiring insurance is nothing more than a risk management strategy. In this case, the organization transfers the responsibility in the event of an unexpected event to a third party (in this case, the insurance company). And with the increase in security incidents and...
Overview of Texas data privacy laws
Texas is one of the richest states in the USA and has been receiving a large amount of tech companies in recent years: Oracle, Cloudflare, and Tesla changed cities like Palo Alto and San Francisco for Austin and Houston. So now you may be wondering: why did they...
Industry 4.0 – What Is It, and Why do You Need to Start Thinking About It?
In recent years, the adoption of Industry 4.0 technologies such as automation, 3D printers, robotics, and IoT is gaining a lot of momentum across manufacturers. These technologies that interface with the production lifecycle enable businesses to improve productivity...
Learn How to Protect Your Company from Insider Threats.
Imagine yourself in a dining room in your company with colleagues and friends enjoying a meal. Suddenly, the lights flash and everyone's belongings mysteriously disappear. The only suspects are those in the environment, including you. But how to find the culprit? As...
Resolving LGPD Compliance Issues with Privileged Access Management
Due to the increasing technological development in the market, we can clearly see how much the trend of product and service purchases by consumers has changed. Through more practical technologies, such as cellphones, laptops, and tablets, they are just a click away to...
What is ISO 27001 and how can it benefit your business?
The International Organization for Standardization is an internationally known and respected agency that manages and structures standards for various areas, including cybersecurity. ISO 27001 is a systematic approach to managing confidential company information so...
Third Party Access: A Problem for Today’s Organizations
The extent of the use of third parties to carry out activities in companies today is really surprising. Companies are increasingly looking to outsource internal functions and operations and external services. According to the study, a quarter of companies said they...
Cybersecurity Health: What it is and how to comply with HIPAA
Infrastructure security breaches damage healthcare organizations. A vulnerability in a hospital's cybersecurity network could expose sensitive patient data to those with malicious intent to use and take advantage of it. Electronic health records can be encrypted and...
What is NIST and Why Is It Critical to Cybersecurity?
Organizations of all kinds are increasingly subject to data theft and loss, whether the asset is customer information, intellectual property, or confidential files from the company. The U.S. federal government and therefore its private contractors have long relied on...
PCI-DSS: What is this and why should I be compliant
If your organization works with payment cards, you've probably heard the term "PCI-DSS compliance" more than once. However, are you still confused about what it represents in your business? In the simplest terms, PCI-DSS is a set of 12 security standards designed to...
How to Prevent a Data Leak by Internal Users?
Data leaks are extremely harmful to your company and users, therefore, actions to avoid such failures and information collection is crucial for your company to have a respectable image and become a reference in this segment. How to Prevent a Data Leak by Internal...
Malware: Learn How to Identify the Threat Quickly
But along with the efficiency ofIn a completely digital world, it is normal for all sensitive data of a person or company to circulate and be stored on computers or mobile devices. Whether through websites, folders or applications. control and information disclosure,...
Configuration Management Database (CMDB): Learn More About It
Making a list of all the configuration items used in your company and keeping this list up to date can be quite challenging, but it is extremely important not only for the IT team but also for the business in general. The good news is that this process can be...
How Does Active Directory Help with Access Management?
Active Directory started with Windows Server due to the convenience of using the same password to perform several activities in a company, such as authenticating on a computer, accessing a system, and opening an email. In its database, one can store information about...
The Challenges to API Security
Some services depend on the integration between software, applications, or systems to be run by the end-user and this communication is possible due to the existence of APIs in people's daily lives. However, with the constant evolution of technology, these tools have...
How to Protect Cloud Environments Against Cyberattacks?
Cloud computing makes it possible to access files and applications over the internet without them being on local computers. This concept became popular in 2008 but refers to the solutions envisioned in the 1960s. Being currently widely used, especially due to remote...
Microsoft Attack: How can PAM help me?
Each day more news of cyber attacks come up in the media, involving from Small and Medium Enterprises (SMEs) to large business conglomerates. These attacks can have several motivations: they can only serve as alerts for organizations to increase their cybersecurity...
Increasing Cloud Security with CIEM
Given the current context, post-covid-19, talking about cloud security with CIEM has become essential. This is because the pandemic motivated the adoption of remote work by most organizations, which resulted in a significant increase in the adoption of cloud-based...
Achieving DevSecOps through PAM
DevsecOps is the abbreviation for development, security, and operations and has gained a lot of attention among the best methodologies for software development. According to Gartner, by the end of 2021, DevSecOps practices will be implemented in 60% of agile...
How to Properly Manage Secrets in Development Projects
Secrets like passwords and ssh keys are scattered throughout the software development process. However, few people can access this data. Controlled access is still a major challenge for development teams, due to difficulties in managing this information and adopting...
IT Service Management (ITSM): A Complete Guide
Currently, most companies rely on their Information Technology department and IT service management (ITSM) to meet the demands of users and become increasingly competitive. But what is this strategy about after all? In practice, the term IT Service Management (ITSM)...
Common Questions about Privileged Access Management (PAM) Solutions
With technology increasingly present in our lives, ensuring the security of your company’s information has become a must. The market offers numerous tools to prevent cyberattacks and control internal access to sensitive data. One of the most efficient solutions we...
5 Steps to Manage Privileged Access like a pro!
Every day there is more news related to security incidents, affecting organizations of all types and segments. With the greater sophistication of attacks and even considering a cyber warfare context, the trend is that the number of security incidents will increase even more.
Password Reuse: Understand the Risks of this Practice
Password reuse is one of the main reasons why passwords have been questioned as an effective measure to guarantee protection against intrusion into accounts and systems. This practice is extremely risky as it allows a malicious agent to have access to numerous...
Everything You Need to Know About SSH Keys
Everything You Need to[dnxte_text_highlight highlight_text="Know about SSH Keys" heading_tag="h1" highlight_alignment="center" stroke_color="#71ea90" dnxt_svg_select="zigzag" display_type_select="on" _builder_version="4.18.1" _module_preset="default"...
Password Strength: How to Create Strong Passwords for Credentials?
Password strength is one of the criteria considered when creating password policies. After all, this is one of the most efficient measures to prevent passwords from being breached. And worrying about this is of paramount importance for organizations today. This is...
Learn All About Passwordless Authentication
Passwordless authentication has been a recommended option for IT teams. This is due to the fragility of passwords, which justifies the frequent news about hackers and data leaks. Also, the recommendation to periodically change passwords can encourage inappropriate...
How to Create a Secure Password Policy?
Having an efficient password policy is critical to the cybersecurity of companies. Since using easy-to-identify passwords is a way to facilitate scams by malicious actors. For the same reason, repeating passwords is a risky practice. In 2021, more than 8.4 billion...
How Does Pam Help Protect Healthcare Organizations?
Cyberattacks on healthcare organizations have increased in recent years. As we have already stated on our blog, this is due to the sector's unpreparedness to deal with confidential data, since health services do not invest as they should in information security. In...
SSH Keys: Learn More About the Importance of Secure Control
Counting on maximum security is essential to bring a protected environment and strengthen customers' trust in the company. SSH keys are an important authentication mechanism that ensures data and information protection. They work as an access credential, being an...
What are the main cybersecurity vulnerabilities in Industry 4.0
The digital transformation process brought an increase in the number of connected devices, including industrial devices, in what we call Industry 4.0. Ensuring cybersecurity is essential to keeping any business system up and running. With that in mind, we have brought...
Cybersecurity: Learn How to Prevent Threats to Business data
The coronavirus pandemic has driven workers home from work, which has raised concerns about digital security. This fear is justified, after all, according to Fortinet Threat Intelligence Insider Latin America, in the first half of 2020 alone there were more than 2.6...
SQL Injection: How to Avoid It and Protect Your Systems
With the evolution of computer technologies, the population has become increasingly connected, but there are complications, such as SQL Injection. Do you know it? In this article, we will explain what it is and how to protect yourself. SQL Injection: How to Prevent it...
How a PAM Solution Enables the Protection of Privileged Data
We cannot deny that using a Privileged Access Management (PAM) solution considerably increases a corporation's information security. However, what many people do not know is that this type of solution has some basic functions so that a PAM solution can effectively...
Why Have Attacks on Healthcare Organizations Increased?
A news article produced by the newspaper O Estado de São Paulo and replicated by the G1 website has pointed out that approximately 243 million Brazilians had their data exposed on the Internet due to failures by the Ministry of Health. These numbers include people who...
6 tips for creating an efficient cybersecurity campaign
Information security does not only depend on investment in technology. To be effective within the corporate context, it is of paramount importance to make the entire team aware of the risks of having a vulnerable infrastructure. This means professionals must be...
The 5 biggest challenges in Information Security projects
Prioritizing information security is a necessity for all organizations, regardless of their size or industry. The trend is for actions in this area to become increasingly necessary, as the constant evolution of technology provides increasingly sophisticated tools for...
Invest in disaster recovery strategies and avoid damages to your company
Failures in the IT infrastructure can compromise the continuity of a business. For this reason, organizations must have a disaster recovery strategy to avoid losses. This solution is useful to circumvent problems that can have different origins: natural disasters such...
Load Balancer: what is it and what is its importance?
When a given system is heavily accessed, it is recommended to invest in a load balancer. This solves the problem of slowness caused by system overload as it distributes traffic among different web servers in the resource pool. Thus, you can optimize its performance...
High Availability: technology that guarantees productivity and credibility
Computer equipment is subject to failures that can bring great inconvenience and damage to companies. In this sense, high availability systems are essential for carrying out activities that rely on energy, location, operation, software, and hardware. This technology...
Multifactor Authentication: How to benefit from this security strategy
Multi-factor authentication is a technological solution that aims to inhibit cyberattacks. In practice, this security strategy uses at least two types of mechanisms to identify an individual trying to access a certain system online. The methods can involve knowledge...
Privileged Access Management
Implementing privileged access management in a company is critical to ensuring that there are no information theft and other security issues. The so-called cyberattacks are responsible, for example, for the theft and hijacking of information in exchange for money,...
Credential Management
With the significant increase in the number of malware and ransomware cases worldwide, ensuring the security of your company's privileged credentials has become a fundamental practice to protect it against insider threats, data leaks, and immeasurable financial...
Cybersecurity Trends for 2022
In recent years, the technological dependence of companies and society has only increased. Companies have increasingly invested in digitizing their processes and providing the best experience for customers, partners, suppliers, and employees. The digital...
An Overview of Saudi Arabia’s Personal Data Protection Act (PDPL)
Saudi Arabia’s Personal Data Protection Law (PDPL) was implemented by Royal Decree M/19 of 9/2/1443H (September 16, 2021), which approved Resolution No. 98 of 7/2/1443 H (September 14, 2021). It was published in the Republic Journal on September 24, 2021. The Saudi...
The 5 Biggest Data Leaks of 2021
During the pandemic, cyberattacks grew more than ever. Theft, hijacks, and data leaks are increasingly popular practices in cybercrime. The lock and hijack for ransom (ransomware) category has stood out a lot, as data is a highly valuable resource and most companies...
HIPAA: Five Tips for Complying with The Certificate
What is HIPAA? Currently, this is one of the most frequently asked questions by many professionals working in the healthcare industry, especially in times of the Covid-19 pandemic. But why is it so important and what are its benefits for healthcare companies? First,...
How Does The LGPD Impact Companies?
Due to the growing technological development in the market, we can clearly see how much how consumers tend to buy products and services has changed. Through more practical technologies, such as cellphones, laptops, and tablets, for example, they are just a click away...
ISO 27001: 4 Reasons to Implement It in Your Company
Leaving data unprotected ends up putting business continuity and your clients at risk. Therefore, it is necessary to implement standards that aim to make information more secure. One of the best known among them is ISO 27001, responsible for dealing with Information...
The Importance of Access Management in Remote Work
Remote work has some challenges, one of which is performing access management. But do you know the real importance of managing access even with remote work? Check it now and understand why it is important to manage access even when working remotely and be prepared to...
What to Do to Prevent Social Engineering Attacks?
Knowing what to do to prevent Social Engineering attacks is essential to ensuring internet security. After all, cybersecurity is all about knowing who and what to trust when it comes to protecting your digital information. Here is everything you need to know about...
Top 5 Cyber Threats to Healthcare Organizations
Cybersecurity has become one of the significant threats in the healthcare industry. As a whole, IT professionals must continually address health data security issues due to specifications outlined in regulations such as the Health Insurance Portability and...
Why Identity and Access Management is Important for LGPD Compliance
The General Data Protection Law is already a reality in Brazil, after all, all the parameters imposed by the new order are already in force. But why is identity and access management important for LGPD compliance? As it is something new, it is natural that many...
The Main Effects Caused by the Pandemic on Information Security
With the coronavirus pandemic, companies had to adapt and reframe their businesses, which brought many benefits in terms of growth and digital presence. Home office and hybrid jobs are already a reality for most companies, especially technology ones; physical servers...
What is SQL Injection and How to Prevent This Attack?
SQL Injection is one of the most dangerous vulnerabilities for websites and online applications. It occurs when a user adds untrusted data to a database query, for example, when filling out a web form. If data injection is enabled, attackers can create user input to...
Ransomwares are everywhere: know this trend
When it involves ransomware protection, it is better to be safer than sorry, isn't it? To achieve this goal, a vigilant outlook and the right security software are essential, since a moment of carelessness is enough to fall victim to a cyberattack. You probably know...
Ransomware Attack: Should I pay it or not?
Ransomware attacks are one of the biggest fears of companies today. Imagine having to use your business resources to pay cybercriminals. This is a reality that happens. However, in case your company suffers a ransomware attack, what is the best option: To pay or not...
How Do Pass-the-hash Attacks Work?
Despite being something old, from the 1990s, few people know how pass-the-hash attacks work. Keep reading the article to find out! Where Did the Name “Pass-the-hash” Come From? Pass-the-hash attacks occur when an attacker steals a user’s credential with a hash...
Windows Print Spooler Failure: Why Should I Upgrade Immediately?
Updating the operating system is a common activity. However, in July 2021, one of Microsoft’s Windows updates gained prominence. Let’s talk about it: Windows print spooler failure: why should I update immediately? What is Print Spooler Failure? The print spooler is...
The Importance of Integrating Security into DevOps
Technology has undergone constant change, as innovations that emerge today can be surpassed tomorrow, and so on. This is a reality that can be contemplated in the IT sector or corporate software developers. As the market becomes increasingly competitive as a result of...
China has Published Its Specific Law for the Protection of Personal Data. What Are the Implications?
Global efforts to ensure data protection have increased dramatically over the years. Governments around the world have been concerned with creating laws and regulations that ensure the security of circulation and processing of information from citizens and users,...
Understand the Cyberattack that Affected Kaseya
On July 2, a Russian group of hackers exploited a flaw in the Kaseya company’s management software, affecting its systems and causing problems for it and its customers. The massive cyberattack affected around 1,500 businesses in 17 countries. The attackers promised to...
Main Cybersecurity Challenges for Brazilian Companies
Information security is very important to companies, so investing in cybersecurity must always be considered a priority. However, Brazilian companies still face several challenges in this sector. Do you know what the main cybersecurity challenges are for Brazilian...
The benefits of Using Cloud Computing
Cloud computing has been around for some time, and while data points to the efficiency, cost-effectiveness, and competitive advantages it has, a large part of the business community continues to operate without it. According to a study by the International Data...
The Biggest Cyberattacks of Recent Years
We all know that cyber vulnerabilities are not a current issue. However, with the evolution of technology and virtualization growing in all areas of society, cybercrime becomes more and more frequent, creating a critical problem that deserves a lot of attention from...
Digital Sovereignty: The Precepts of Senhasegura According to an American Periodical
Nomenclatures and acronyms are part of the routine of those who work in the technology area. Picture a physical archive room, the kind we see in movies and series set in hospitals or police departments, separated by a bookcase full of folders: when we get to the...
Why is Data the New Oil?
Performing any task today is much easier than it was a few years ago. With the evolution of technology, the consumer can make purchases faster and more practical, receive optimized ads - which help a lot when purchasing something -, social networks with features that...
Why is Information Security Important to Your Organization?
As technology becomes increasingly sophisticated, criminals' skills often evolve as well, in many cases surpassing the skills of security professionals within organizations. The proof of this is that the number of successful attacks is growing every year. We live in...
Brazil improves its position in the 2020 global cybersecurity ranking
Several Latin American countries have advanced in the Global Cybersecurity Index, a report supported by the International Telecommunication Union (ITU). Brazil, Mexico, Uruguay, Dominican Republic, and Chile had the best performances in the region. Although there are...
Is your company really prepared for a cyber attack?
The rise of smart devices and shifting customer preferences have driven the global digital transformation at full steam. As a result, companies are discovering more and more opportunities and cutting-edge resources for competitive advantage and growth. Moreover, the...
PAM Market Trends According to Gartner
Protecting privileged credentials is essential in the cybersecurity strategies of companies of all sizes and verticals. According to Verizon in its Data Breach Investigations Report 2021, 61% of data leaks involved privileged credentials. No wonder they are called...
The Pillars of Information Security – Part 2
Currently, the use of information is a great ally for companies from different industries. However, along with this, comes the need to protect this information with what is called information security. But do you know what the pillars of information security are? This...
What is a Sysadmin?
In a world of constantly evolving technology, SysAdmin is one of the oldest and most in-demand roles in the technology field. While not always getting all the glory, SysAdmin is a critical piece of the technology organization and essential to the success of a...
The Pillars of Information Security
Given the importance of protecting employees and the information of an entire corporation, it is essential to understand and put into practice the 5 pillars of information security. Dealing with information security has already become a routine agenda in management...
What is An Incident Response Plan (IRP) and why is It Important to Have One?
With the evolution of technology and the revolution in the information age, the concern with data security has become more and more constant for companies, governments, and users. Since data are fundamental assets for the growth of companies, investing in protection...
Myths and Truths About Privileged Access Management
Implementing privileged access management to systems in a company is critical to ensuring that there are no information theft and other security issues. The so-called cyberattacks are responsible, for example, for the theft and hijacking of information in exchange for...
After All, How to Act in Case of Data Invasion and Theft?
In the contemporary world, where the use of technological means and virtual systems is becoming more and more indispensable, one of the great problems caused by criminal entities has been the invasion and theft of data. It is important to emphasize that, with the...
A importância da criptografia para a cibersegurança
A maioria das pessoas pode achar difícil entender a importância da criptografia para a cibersegurança e criptografia, especialmente porque ambas são projetadas para lidar com o crime digital. É essencial compreender e diferenciar os dois termos de acordo com sua...
The Importance of Encryption for Cybersecurity
Most people may find it difficult to understand the importance of encryption for cybersecurity, especially since both are designed to deal with cybercrime. It is important to understand and differentiate the two terms according to their role in technology. In this...
How to Prevent Social Engineering Attacks
When it comes to cybersecurity, many think about protecting themselves against hackers who use technological flaws in a system to steal data. But cyberattacks can't just be malware intrusions, there are other ways to infiltrate organizations and networks with the...
Cyberattacks Have Increased During the Pandemic, Learn How to Protect Yourself
Cyberattacks have been causing concern and discomfort for those who use and depend on digital spaces for some time now. This type of activity disrespects the private life of social subjects, in order to expose them to different types of risks. They usually occur...
Zero Trust-Based Security Approaches
In a world of complex cybersecurity threats and mobile workforces armed with multiple apps and devices, security in Zero Trust aims to provide comprehensive protection. The Zero Trust approach never assumes that a request comes from a trusted source, even if it...
CIS Controls Version 8: Learn what changes with Engine Advancements
This May, the Center for Internet Security (CIS) has launched version 8 of the security control tool for critical systems, especially marked by structural progress aimed at cloud and mobile environments. The concentration of online tasks and the remote work model are...
8 Tips to Protect Your Password
We are already in the month of May, and you know what we celebrate on the first Thursday of this month, rigtht? That's correct, it is World Password Day. Celebrated since 2013, this day reminds us of adequate cyber awareness and the importance of password protection...
7 signs that your company needs to improve the security of sensitive data
7 signs that your company need to improve[dnxte_text_highlight highlight_text="the security of sensitive data" heading_tag="h1" highlight_alignment="center" stroke_color="#71ea90" display_type_select="on" _builder_version="4.18.0" _module_preset="default"...
Zero Standing Privileges
With the growth of cyberattacks, access credentials have become a strong attack vector. In 74% of cases of data breaches, companies confirm unauthorized access to a privileged account as its main cause. In addition, The Verizon Data Breach Investigations Report (DBIR)...
The importance of Gartner’s Magic Quadrant
Gartner is a company recognized for providing impartial, high-quality consulting and research on the IT market, as well as providing valuable information and insights to the entire technology community. Through its more than 15,000 employees, Gartner also contributes...
LGPD: know what your company needs to do by August
As of August 1, 2021, the fines imposed by the LGPD (Brazilian General Data Protection Law) will be applied to companies that are not adapted to the new law. In order to prevent your company from being harmed, it is important to adapt it as soon as possible to the...
Find out which virtual attacks are most common in companies and how to avoid them
We know that the protection and security of business activities and processes are of paramount importance for a company. This is because, in addition to cyber invasions being vastly frequent in the virtual space, they also offer several problems for a company,...
Understanding Microsoft Exchange Server vulnerabilities
Anyone who works with technology has certainly heard of or uses Microsoft Exchange, Microsoft's server solution for email and calendar. Exchange is used worldwide by companies of all sizes, being preferred for its versatility and ease of use, and billions of...
How to Protect Remote Access with PAM
The Covid-19 pandemic has caused massive adoption of remote working models in organizations of all sizes. Besides, security leaders have also accelerated the migration of their infrastructure to cloud environments. According to a study conducted in partnership by...
The risks of lack of access protection in cloud environments
The cloud concept is less and less a buzzword and more of a need. Everyone, from application developers, executives, and students, is benefiting from the flexibility and reliability of cloud-based solutions. Although the cloud has evolved a lot in recent years, there...
How PAM can help against insider threats
Insider threats take many forms. Some are malicious agents looking for financial gain. Others are simply careless or unaware employees who click on suspicious links. An insider threat can be defined as someone close to an organization, with authorized access,...
Risk associated with the lack of protection in Cloud access
We are already in the month of May, and you know what we celebrate on the first Thursday of this month, rigtht? That's correct, it is World Password Day. Celebrated since 2013, this day reminds us of adequate cyber awareness and the importance of password protection...
The vulnerability of the Sudo APP in Linux
In the late 1960s, AT&T Bell Labs launched Unix, its operating system. The new system, which uses a command-line interface, or CLI, soon became popular in companies around the world for having open source, in addition to allowing easy modification and good...
What is Application-to-Application Password Management (AAPM)?
Application-to-Application Password Management (AAPM) eliminates the need to store credentials in application source codes, scripts, and configuration files. In this way, passwords are managed by the AAPM solution and become unknown to developers and support staff....
What are the main features of a PAM solution?
Privileged Access Management (PAM) is formed by a set of cybersecurity strategies and technologies to exercise control over privileged access and permissions for users, accounts, processes, and systems in a technological environment. A PAM is an ideal solution for...
The Importance of Gartner Peer Insights for Technology Providers and Users
One of the most debated subjects on the market is Digital Transformation, now boosted by the Covid-19 pandemic. We heard about the adoption of technologies to transform business processes not only during “lives”, but also in articles, conferences, and even family...
The Importance of the Voice of the Customer Report
We, from senhasegura, a provider considered Challenger by Gartner in its Magic Quadrant for PAM 2020 report, are proud to announce that we have also received the Customer’s Choice seal by Gartner in the Voice of the Customer: Privileged Access Management report. This...
The Competitive Landscape report for PAM
Privileged credentials are spread across the infrastructure of organizations of all sizes and types. Through them, it is possible to take a series of administrative actions, such as significant changes in assets and critical systems as Domain Admin servers or ERP...
7 tips to prevent cyber attacks during remote work
The year 2021 has arrived, and organizations of all types and sizes are continuing their efforts to adapt their workforce to the new work reality imposed by the Covid-19 pandemic. People, who were previously working using corporate devices and infrastructure within...
High Availability and Contingency and Risk Management in Information Security
Risk management is a very present and important issue when it comes to Information Security. From an analysis, the main business processes of an organization and their respective risks are mapped out. By classifying these risks, the organization's senior management...
The function of API’s in the integration between the solutions
Digital transformation offers a series of benefits for companies of all sizes and industries. However, the results achieved by this transformation are not obtained without challenges. The new digital age has led to an exponential increase in the amount of data,...
How to Manage Cloud Environments through a PAM Solution
In recent years, the mass adoption of cloud-based solutions, leveraged by the migration of the workforce to remote models caused by the covid-19 pandemic, has brought new levels of speed and scalability to organizations. Through this migration, it was possible to...
How to ensure control of your privileged accounts with PEDM
It is well known that hackers wreak havoc around the world with advanced cyberattacks targeting a company's most valuable assets. Another worrying scenario is the existence of malicious people inside a company who disclose confidential information to the public or...
We are a Great Place to Work
“I am what I am for what we are” - Ubuntu MT4 Tecnologia Ltda. developed, developer and owner of the senhasegura solution, it was certified in 2020 with the seal "Great Place to Work " in its first year of participation in the research and becomes part of the select...
PASM x PEDM – How to choose the best approach for your business?
For the second year in a row, Privileged Access Management (PAM) is listed as one of Gartner’s top security priorities. Although they have been around for decades, PAM tools are increasingly vital as access privileges become more complex. In fact, experts predict that...
Learn how to protect your company from insider threats
In addition to protecting companies from hackers, malware, and external attacks, it is now vital to be prepared for insider threats, whose culprit of the cyberattack is an employee of the companies. Often, what drives these attacks is an employee's negative opinion...
How to secure privileged credentials
With the significant increase in the number of malware and ransomware cases worldwide, ensuring the security of your company's privileged credentials has become a fundamental practice to protect it against inside threats, data leaks, and immeasurable financial losses....
Strengthening Version Control and Automation for DevOps Compliance
Information security and compliance are essential for businesses around the world, especially given past examples of data breaches and threats to cybersecurity. Still, compliance has long been considered the group that slows things down, often requiring a more...
Cybersecurity Health – What it is and how to adapt to HIPAA
Looking at the vulnerability scenario in hospital-data systems, in 1996, the American government created a set of mandatory rules called the Health Insurance Portability and Accountability Act (HIPAA). HIPAA applies to all hospital institutes in the United States,...
The importance of managing access identities in your company
The management of access identities has become an important and indispensable practice in the information security of any company. The protection of privileged credentials is a great way to guarantee the security of data and compliance with the data protection laws in...
Learn the Importance of Role-Based Access Control (RBAC)
Due to the increase in cyberattacks and the enforcement of several data protection laws, it has become an obligation, in the corporate environment, to take care of personal and sensitive data of a company. When we talk about information security, it is essential to...
How to Implement the Principle of Least Privilege in your Corporation
According to a report recently published by Kaspersky, the number of users who have experienced some type of cyberattack in the first half of 2020 increased by 20,000%. Also, the company BBOViz points out that Brazil is the second country that suffers the most threats...
The importance of protecting your company’s User Identities
With the increase in phishing attacks all over the world due to the outbreak of COVID-19, companies are reassessing the efficiency of their information security systems, since the home office opens loopholes for a company's security and such type of malware. One of...
Main risk trends for information security in 2020
Due to COVID-19, the attention of CISOs had to be reinforced to plan an efficient information security strategy, and to help in this task, Gartner has published a very interesting report, which pointed out some security trends and risks for information security in...
What you need to do for an effective privileged access management
Managing privileged access to a corporation has become an obligation almost everywhere in the world. Laws such as the LGPD (General Data Protection Law) and GDPR (General Data Protection Regulation) oblige companies to maintain the integrity and security of the data...
The fundamental principles for creating an efficient information security project
According to Gartner - an Institute with a focus on researching, executing programs, and consulting and recommending efficient technologies for its customers, such as digital security - there are some fundamental projects for a company to ensure information security...
9 Essential Features or Good Practices for a Privileged Access Management Solution (PAM)
It is undeniable that the use of a privileged access management solution (PAM) considerably improves a company's information security. But what many do not know is that there are some essential features or recommendations for a PAM solution to guarantee information...
Cyberattack: another big company is a ransomware victim
Another cyberattack with devastating consequences for financial institutions. The target now was BancoEstado, one of the three largest Chilean banks, which was affected by ransomware on September 6. According to a statement to Chile’s Cybersecurity Incident Response...
How to protect your company from insiders threats?
Any corporation is subject to some type of cyberattack, and it is essential to have a system that defends and maintains data integrity. According to a report by Fortinet Threat Intelligence, Brazil has suffered more than 24 billion cyberattack attempts in 2019, a fact...
LGPD: How to comply with the 10 privacy principles
After two years of waiting, the general data protection law (LGPD) will finally come into force in Brazil. The law aims to regulate the processing of personal data, mainly ensuring the security, transparency, and integrity of the data provided. Since its announcement,...
Best Practices for Proper Cloud Configuration
Through the digital transformation, now driven by the Covid-19 pandemic, we see a massive migration to decentralized, cloud-based models. And those who already use these models will further accelerate the migration to the cloud. According to Gartner, by 2021, more...
Gartner Magic Quadrant: What is the importance for PAM solutions?
Gartner is an organization dedicated to giving consultancy to companies that need to hire some type of cutting-edge technology to meet their needs. For its consultancy to choose a good solution assertively, the institution periodically generates a report called...
APIs – What are they and what is their importance?
With the increase in the number of devices and applications connected through digital transformation and the Internet of Things (IoT), the concern to build secure networks also grows to ensure the protection of data (in times of even more rigid data protection...
Remote Work and Increased Usage of Cloud
With the increase in remote work, as a consequence of the Covid-19 pandemic and its social distancing, organizations have seen the need to secure information even at a distance. One of the main measures being taken is the use of Cloud-based environments in the work...
Digital Certificate Management for Protection of Machine Identities
Currently, it is almost impossible to mention an IT issue that is not connected to digital transformation. The growth of IoT devices, Industry 4.0, Cloud, and DevOps are some of the hottest topics on the market, and they have one thing in common: they all involve...
Cyber Attack on Twitter
Last Saturday (18), the digital world was shocked by another episode of data leaks, and the protagonist this time was Twitter. That's right, hackers were able to steal data from users of the microblogging platform. And it was not ordinary users, but celebrities,...
Pass-the-hash – What it is and how to protect yourself?
Every day, we hear about cyberattacks against companies of all kinds. According to the 2019 Cost of a Data Breach Report, not only did the number of data leaks rise, but its cost as well. The average cost of a data leak, in the 507 organizations surveyed, was USD 3.92...
The importance of protecting personal data
It is undeniable that people are increasingly immersed in the digital world, and through the digital transformation phenomenon, the increase in personal data that is made available on the web only increases. It is difficult for a person who frequently uses the...
Machine Identity and Digital Certificate Management
With the emergence of computer systems and, later, the internet, people and organizations have begun to use these resources to speed up their tasks and make their lives easier. Thus, performing activities for both business and personal life (such as shopping and...
Cybersecurity: The cost of a company’s internal threats
The mentality in the cybersecurity world has been changing with the migration from trust-based models (Trust, but verify) to zero trust-based ones. This change is mainly because of the trend towards an increase in internal threat incidents. It is a trend that makes it...
BYOD Security: How to ensure device security
With the digital transformation, boosted by the Covid-19 pandemic, a large number of users were forced to work remotely. In many cases, corporate devices have been replaced by the Bring Your Own Device (BYOD) policies. But what is it and how to maintain BYOD...
Endpoint Protection through Remote Work
With the migration of the workforce to remote-work models, endpoint protection has been considered a major concern within the cybersecurity industry. This change further reinforces the elimination of the security perimeter concept, based on Zero Trust approaches....
Just-in-Time Elastic Provisioning of DevOps Secrets
Digital transformation, now accelerated by the Covid-19 pandemic, will drive businesses like Cloud, IT Services, and Development. Against this background, new agile software-development methods, such as DevOps, have significantly changed the way companies operate,...
The importance of proper Digital Certificate Management
With the increase in connected devices, mainly based on the Internet of Things (IoT), the number of malicious attacks has also increased. They aim at stealing data, and for organizations, the main result of which is the loss of revenue, reputation, and trust from...
Remote Working has come of Age
Highlighted by the fact that many places around the world are on a virtual lockdown due to the Coronavirus, many employees are being forced to work remotely. Today we have the technology and capability to make this happen, we have personal as well as company internet...
Learn how to prevent a phishing attack
Companies are increasingly concerned with information security in their infrastructure, considering that an insecure system is vulnerable to various types of cyberattacks, such as phishing, which is on the rise today. This type of attack basically consists of invading...
Information Security: learn about the 4 fundamental principles
Information security is a topic that is on the spotlight worldwide, and professionals from the field are the ones who need to be most concerned with this type of measure, since they maintain the data security system of an entire company under surveillance through...
IoT security: The great challenge of creating secure devices
The world is increasingly connected, and that is not something new, so the more people have access to new technologies, the more personal information will be stored, both in on-premise environments and Cloud-based infrastructures. In addition to the legislation for...
Cybersecurity and the Covid-19
The Covid-19 pandemic has flooded the news daily and left the whole world concerned about its effects on the lives of people and organizations. The new virus has significantly reduced the pace of business and the flow of people through protective isolation actions,...
Ransomware: what it is, how it works and how to avoid it
Ransomware has been a hot topic since the cyberattacks boom in 2016, in several countries, such as: Ukraine, Russia, United Kingdom, India, causing incalculable losses for several companies, which started to look deeper into the Ransomware world - what it is and how...
Privileged Access Management and PEDM
In a cybersecurity context, the privilege aspect is understood as the level of authorization for access (and control) over IT systems, information assets, and applications. In this specific context, low control over privileged user accounts is usually a source of risk...
The Cybersecurity Frameworks and PAM
With digital transformation and increased competition, it is increasingly important for organizations to achieve progressive and better results using fewer resources. In this sense, business requirements have been changing over the past few years, based on a new...
How to integrate PAM with DevOps
With the digital transformation, much has been said about reducing costs and increasing the speed of software development. In this context, the software delivery pipeline is focused on delivering high-quality products and services to the market, in an increasingly...
Cyberwarfare
The first days of 2020 have been marked by escalating tensions between countries like the United States, Iran, Russia, and North Korea. We have heard a lot about cyberwarfare and its growing use by governments around the world. But, what possible conflicts between...
7 Cybersecurity Predictions for 2020
The cybersecurity issue has remained at the top of the list of priorities and concerns for individuals, companies, and governments in recent years. In 2020, the Olympic Games, American presidential elections, the expansion of connected devices and the 5G internet, in...
High Availability and Contingency and Risk Management in Information Security
Risk management quantifies and qualitatively describes the risk of Information Security, allowing companies to prioritize risks according to their severity and thus ensure business continuity. Risk management determines the value of an information asset, identifies...
senhasegura in version 3.0: futuristic, UX-Driven, and with a new set of features.
The growing demand for privileged action automation, Cloud, and DevSecOps, as well as ease of use and deployment, have been some of the requirements from users of our senhasegura solution family for Privileged Access Management. The complexity of a PAM solution...
Information Security and the Psychology of the Social Engineer
When it comes to Information Security, a hot topic right now is Social Engineering. As famous hacker and social engineer Kevin Mitnick defines in his book “The Art of Deception”: “You might say there are two specialties within the job classification of con artist....
The New Context for User Identity Management
In a world where Digital Transformation - through remote teams, Cloud, and Bring-Your-Own-Device (BYOD) - is increasingly impacting business and people’s lives, new cyber threats are emerging as challenges to organizations. One such threat is theft of user identities,...
Just-In-Time Access (Ephemeral Credentials)
Which company hasn’t ever found itself needing to grant access to a user for just a day or a few hours? Access of which is from a third party or partner who needs specific information or system maintenance that results in the creation of another user for access to...
Santa Claus, PAM and Access Control
A few years ago, data was printed and stored in folders and drawers, rooms with confidential information were locked with keys, which were held by only one employee. Today, all this is very different, most of the data is stored and travels in technological means. In...
5 Lessons to Avoid Being a Ransomware Victim
One of the biggest organizational nightmares today is being attacked by ransomware. Worse than that is failing to recover from such an attack. In this article, we will look at the second ransomware attack within a year in the city of Baltimore and what organizations...
Insiders Threats
Imagine yourself in a dining room at your company with colleagues and friends enjoying a meal. Suddenly, the lights flash and everyone's belongings mysteriously disappear. The only suspects are those in the environment, including you. But how to find the culprit? As...
So, what does Privileged Access Management mean?
Gartner, in its document Gartner Top 10 Security Projects, named Privileged Access Management (PAM) as the number one priority in security projects. So, what does Privileged Access Management mean and why is it considered so important? Before explaining what...
API Keys: Do You Know What Is?
Controlling access and ensuring the security of employee and customer data has been one of the biggest security challenges faced by organizations today, and this is intensified when sensitive information and assets are stored where access identifiers are not...
Machine Identity part 2 – Certificates
If one could travel back in time, maybe ten years ago, and tell about how many devices we have today, many would not believe how the Internet works today for us, making everyday life easier, even relying on these technologies. Among so many questions that people from...
Cluster: find out what it is, where they are and why it matters to your business
Every day and every moment we have new technological possibilities at our disposal to help us achieve a good performance in the internet media, for example. Clustering is often applied in many contexts, but when it comes to computing, it refers to the architecture of...
Machine Identity part 1
Until a few years ago, organizations had little technology resources for their employees to do their jobs, had the bare minimum to communicate internally and automate some processes. Today, the scenario has changed. Companies are increasingly leveraging their...
CIS Controls – PAM X 8 Secundary Controls
In our last article on the topic, we defined cyber-security risk as the likelihood of losses in a given project or organization to occur as a result of using interconnected systems. Gartner believes that by 2020, 100% of large companies will be required to report...
CIS Controls – PAM x 20 Controls Focused on PAM
The Michaelis Dictionary defines risk as the likelihood of damage in a given project or thing due to an uncertain event. This definition applies to anything that may expose people and organizations to risk, including Information Security. In this specific context, we...
IAM vs PAM – The Difference Between Identity and Access Management and Privileged Access Management
The importance of having an identity is undeniable. Not only do personal documents define our identity in society, but any feature that might portray who we are and what we do. Name, personality, physical appearance, and other features together create a unique image...
Business Case – Cybersecurity for Industry 4.0
With the evolution of industrial systems by the introduction of the Industrial Internet of Things (IIoT), preventing and ensuring device security in a new era of Industry 4.0 and smart manufacturing has been a major challenge for industries. In this sense, senhasegura...
Best Practices for Setting Passwords
With the emergence of cloud-based technologies, there is a growing demand and the consequent increase of services offered in this format. In this scenario, in which there were only two or three credentials to perform online tasks, today, the user is forced to deal...
The Difference Between Two-factor Authentication and Two-Step Verification
In recent years, questions related to user authentication have become more and more evident, considering that they are the reason or the means for preventing what is one of the biggest fears of any organization: data leaks from customers, suppliers, and employees. In...
Privacy: Invasion of Public Peoples Mobiles in The National Politics – Part 2
Last week, the case of the invasion of mobile phones of public people from national politics gained new perspectives and characters. According to the Federal Police, four suspects of being involved in the leakage of messages from the current Minister of Justice and...
Why Go To The Gartner Security & Risk Management Summit 2019
Until some time ago, Business Risk Management was linked to aspects such as productivity, market, resources, or regulatory environment. However, with digital transformation through the introduction of technologies such as Big Data, Cloud, Internet of Things, Machine...
PAM And The Standard 62443 (Industry 4.0)
Since 2013, the market has been promoting a new industrial revolution based on the adoption of new digital technologies, aiming at the improvement of industrial processes. This is happening across devices connected with the Internet of Things, cloud infrastructure and...
How important is Gartner to the cybersecurity universe?
Every day, new news about data leaks in organizations of all sizes and different industries is emerging. According to Accenture’s 2019 Cost of Cybercrime report, the number of leaks increased by 11% between 2017 and 2018, and 67% over the last 5 years. The trends show...
Privacy – Invasion of public people’s mobiles in the national politics
In the last days, news reporting that confidential messages exchanged between influential Brazilian authorities have leaked are putting the entire population on a state of alert due to the use of messaging applications and the privacy of their conversations. Former...
All About Social Engineering
Technology and its concepts are not only comprised of computers and software but also of people who operate and control those components. Although they are part of this set of systems and technologies in an “external” layer, the human factor is not treated the way it...
Robotic Process Automation
In the business world, the words productivity, speed, and efficiency are very common. These are some characteristics required by the market in relation to organizations, regardless of size or industry. However, achieving the desired productivity and efficiency can be...
Cybersecurity Glossary
The problems and aspects of cybersecurity - the set of means and technologies that aim to protect programs, computers, networks, and data against unlawful damage and invasion - arise daily in our personal and professional lives. Cyber attacks with serious consequences...
Gartner Selects Privileged Access Management as #1 Priority in Cybersecurity
In its report titled “Gartner Top 10 Security Projects for 2019”, Gartner unveiled the largest Information Security projects for this year. Privileged Access Management, or simply PAM, is in the first place from the list of projects that should gain CISOs’ attention...
How Privileged Access Management Helps Protect Critical Infrastructure Systems
Critical systems, or critical infrastructure, is currently a subject unknown to many. However, an incident in these environments can have serious consequences on the economic, social, and safety aspects of the population. Services and facilities such as water supply...
Zero Trust and Privileged Access Management
In order to keep the network and their infrastructure secure, many companies are making efforts to create security perimeters that will ensure unintended external accesses are not performed. At times, however, traditional protection means such as firewalls will not be...
How to create an information security policy in your company?
The evolution of computer networks has made information sharing increasingly prevalent. Information is now exchanged at a rate of trillions of bytes per millisecond, a daily number that can extend beyond the comprehension or available nomenclature. A proportion of...
7 important details between the LGPD (Brazilian) and the GDPR (European)
The European GDPR as inspiration for the Brazilian LGPD The General Data Protection Law (LGPD) and the Data Protection Regulation (GDPR) are very similar pieces of legislation, but their difference is the Data Privacy Officer (data controller) that the GDPR predicts,...