Blog

The topic of cyber threats is becoming increasingly present on the agendas of organizations of all sizes and verticals. With the intensification of the digital transformation movement through the introduction of technologies such as 5G and the Internet of Things,...

Ransomware is malicious software used by cybercriminals to block systems or encrypt data and demand ransom payments to unlock access to these resources.In this article, we show you the biggest ransomware attacks of 2022 that caused data leaks. Check it out:  ...

The US Cyber Security and Infrastructure Agency (CISA) and the Federal Bureau of Investigation (FBI) released this week a recovery guide for the ESXiArgs ransomware, which has harmed thousands of companies globally. This was because malicious attackers were allegedly...

Remote work and the adoption of cloud computing surfaced the concept of identity as a perimeter.In this sense, although it is not new, identity security first gained urgency as malicious attackers began to use machine identity management and access to achieve their...

We are in the last quarter of 2022. Yes, it is the end of the year, and we are headed to prepare for 2023. This is also the time when markets in general, including cybersecurity, are preparing to present their forecasts for the following year. We, from senhasegura,...

According to data extracted from a Cybersecurity Ventures' survey, ransomware costs will reach $20 billion next year. The survey also predicts this type of cyberattack will target corporations every 11 seconds. Ransomware consists of malware used by malicious agents...

Not investing in cybersecurity is a mistake that can cause incalculable loss to organizations. After the Covid-19 pandemic, digital vulnerability has reached alarming numbers with the implementation of the home office work model, bringing the need to develop effective...

Social engineering, in the context of information security, consists of practices performed by hackers to manipulate users to take actions that go against their interests, exploiting their vulnerability and lack of knowledge for their benefit. One of the main types of...

The process of digital transformation has intensified in companies of all sizes and industries, and is considered an essential factor for business success. One of the main consequences of this process is the exponential growth in the amount of data from customers,...

Granting administrator access to a user who does not even have time to explain why they need this permission is not an efficient way to solve a company's problems but rather to harm its security.  This is because sensitive data can fall into the wrong hands through a...

There are several methods by which malicious agents attack websites and destabilize network services and resources. One of the most widely used techniques is the DDoS attack, which means distributed denial-of-service. Through this attack, a website ends up becoming...

All of us have already heard of digital transformation at some point. This phenomenon affects companies of all verticals and sizes and has been gaining prominence in the market.  Digital transformation increasingly requires organizational leaders to adapt their...

The Internet of Things is now a part of our reality, making it possible to connect items used in everyday life with minimal human intervention and optimize the performance of equipment through connectivity. This concept is present in the video surveillance cameras we...

With the multiplication of computer systems, passwords have spread out both in our personal and professional lives. And the protection of credential passwords has become a major concern not only for organizations but also for society. And no wonder why those...

Uber employees last month discovered a hacker intrusion into their internal network. This was possible because the attacker announced his feat on the organization's Slack channel, as well as sharing it with the New York Times, which brought the story about the Uber...

Investing in cybersecurity is indispensable for companies of all sizes and industries, since threats such as data leaks and hacking attacks generate great financial losses. Thus, one of the most important measures in this regard is to rely on a PAM solution, which...

For some time now, the cybersecurity aspect has not been restricted to the environment of large organizations. Malicious attackers have been targeting their criminal activities on companies and individuals every day, greatly increasing cyber risks…

The implementation of the Zero Trust-based security model has gained space in recent times, promoting the default approach of never trusting, and always checking before granting access to a company's perimeter. This practice is extremely important to ensure...

In this article, we will show you how account lifecycle management works through best practices and what are the advantages of investing in the senhasegura PAM solution.  Our text is divided by topics. They are as follows: What Is Account Lifecycle and Its Management?...

The use of many credentials to access various services often causes people to opt for weak passwords or the reuse of passwords, making loopholes for the action of malicious agents.  Moreover, the explosion in the number of connected devices due to technologies such as...

In recent years the world has considerably evolved, with organizations increasingly adopting digital initiatives, like Cloud, IoT, Big Data, Artificial Intelligence and Machine Learning. And the Covid-19 pandemic has forced organizations to accelerate the adoption of...

Cybersecurity is an increasingly present topic at meetings at all levels of an organization. And with the increase in digitalization and connectivity of companies, cyber risks are increasingly associated with business risks and are not limited only to large...

When it comes to cybersecurity, staying informed is one of the first steps to avoid risks such as data leaks and hacker invasion, which can generate a series of disruptions in an organization, even compromising business continuity. The good news is that there is a lot...

Accelerated by the COVID-19 pandemic, remote work has seen a considerable boost in recent years, making many people understand what RPD and SSH are in practice, as they need to apply these protocols in industries. However, with increased remote access, exposure to...

With the imposition of social distancing caused by the Covid-19 pandemic, most companies began to migrate to remote work, adopting solutions such as cloud computing. According to Forrester, more than 50% of IT leaders have revealed the need to adapt to this reality,...

The Covid-19 pandemic has brought the need for many companies to join remote work with it. The mass adoption of this modality resulted in a significant increase in cyberattacks on IT business structures through breaches in the security of remote accesses. The...

For a long time, companies had data centers as their IT infrastructures, which needed to be protected from external agents.  Business-critical data was embedded in these allocations, including internal networks, client devices, Internet gateways, applications, and...

Many people fear the elimination of jobs due to the adoption of Robotic Process Automation, since robots are able to perform tasks previously performed by humans. However, we understand this technology is not able to replace all of our capabilities. We know that RPA...

According to the International Telecommunications Union (ITU) report published at the end of 2021, about 4.9 billion people used the Internet that year. This represents a jump of 800 million more people than before the pandemic. This means that every day, an...

With the adoption of remote work by most organizations, the need to join cloud computing and invest in solutions that provide security in this context has also increased. Therefore, we recommend using Cloud IAM to limit the privilege of users according to their roles,...

Like other industrial revolutions, Industry 4.0 came to transform the way of working with the digitalization of manufacturing environments. However, this feature poses several challenges in terms of cybersecurity. This is because increasingly sophisticated tools allow...

The constant evolution of technology has enabled a series of innovations in the industrial sector, among which we can highlight the use of artificial intelligence, the Internet of Things, and advanced robotics. However, these advances have increased the possibilities...

Cybersecurity issues have gained importance in organizations of all sizes and segments. After all, cybersecurity risks are increasingly associated with business continuity, which makes the protection of the infrastructure a hot topic from the operational through...

The process of digital transformation with the introduction of technologies such as 5G, DevOps and Internet of Things has caused an explosion of connected devices in organizations. According to Cisco, there were more than 20 billion connected devices in 2021, and the...

Human interaction with IT structures represents one of the main cyber threats faced by organizations of the most diverse sizes and industries.  This is just one of the important pieces of information extracted from the Verizon Data Breach Investigation Report 2021,...

With the evolution of technology, manufacturing sectors are increasingly digitalized through solutions that optimize the processes carried out in these environments, reducing costs, eliminating human failures, and generating more productivity.  Among the technologies...

In this article, we present the concept of just-in-time privileged access, its benefits, and mode of operation, among other extremely important information on the subject. To facilitate your reading, we divided our text into topics. They are: What Is Just-In-Time...

When it comes to information security, the risks to organizations are increasing by several factors. As an example, we can mention the increase in the number of cyberattacks, especially after the Covid-19 pandemic, which accelerated the mass adoption of remote work,...

Nowadays, cyber-attacks have become increasingly common and hit more and more companies, of all verticals and sizes. According to the SonicWall 2022 Cyber ​​Threat report, the number of cyberattacks involving data encryption increased by 167% in 2021, reaching 10.4...

The Sarbanes-Oxley Act (SOX) is primarily associated with business transparency and the use of accounting and financial controls to protect investors from fraudulent financial reporting. However, it is always important to remember the ever-increasing pivotal role...

In 2021, there was a 50% increase in the number of attacks on corporate networks compared to the previous year. This is pointed out by Check Point Research (CPR), Check Point's Threat Intelligence division. And many of these attacks involve exploiting this type of...

Today's organizations rely on numerous business applications, web services, and custom software solutions to meet business communications and other transaction requirements. Typically, multiple applications frequently require access to databases and other applications...

Virtually every day we see news of data breaches, which affect organizations of all types and sizes. From startups to global companies, they are subject to cyber attacks aimed at stealing (or even destroying) data. After all, the question is not “if”, but “when” an...

With the emergence of cloud-based technologies, there is a growing demand and the consequent increase in services offered in this format. In this scenario, in which there were only two or three credentials to perform online tasks, today, the user is forced to deal...

Hiring insurance is nothing more than a risk management strategy. In this case, the organization transfers the responsibility in the event of an unexpected event to a third party (in this case, the insurance company). And with the increase in security incidents and...

Texas is one of the richest states in the USA and has been receiving a large amount of tech companies in recent years: Oracle, Cloudflare, and Tesla changed cities like Palo Alto and San Francisco for Austin and Houston. So now you may be wondering: why did they...

In recent years, the adoption of Industry 4.0 technologies such as automation, 3D printers, robotics, and IoT is gaining a lot of momentum across manufacturers. These technologies that interface with the production lifecycle enable businesses to improve productivity...

Imagine yourself in a dining room in your company with colleagues and friends enjoying a meal. Suddenly, the lights flash and everyone's belongings mysteriously disappear. The only suspects are those in the environment, including you. But how to find the culprit? As...

Due to the increasing technological development in the market, we can clearly see how much the trend of product and service purchases by consumers has changed. Through more practical technologies, such as cellphones, laptops, and tablets, they are just a click away to...

The International Organization for Standardization is an internationally known and respected agency that manages and structures standards for various areas, including cybersecurity. ISO 27001 is a systematic approach to managing confidential company information so...

The extent of the use of third parties to carry out activities in companies today is really surprising. Companies are increasingly looking to outsource internal functions and operations and external services. According to the study, a quarter of companies said they...

Infrastructure security breaches damage healthcare organizations. A vulnerability in a hospital's cybersecurity network could expose sensitive patient data to those with malicious intent to use and take advantage of it. Electronic health records can be encrypted and...

Organizations of all kinds are increasingly subject to data theft and loss, whether the asset is customer information, intellectual property, or confidential files from the company.  The U.S. federal government and therefore its private contractors have long relied on...

If your organization works with payment cards, you've probably heard the term "PCI-DSS compliance" more than once. However, are you still confused about what it represents in your business? In the simplest terms, PCI-DSS is a set of 12 security standards designed to...

Data leaks are extremely harmful to your company and users, therefore, actions to avoid such failures and information collection is crucial for your company to have a respectable image and become a reference in this segment. How to Prevent a Data Leak by Internal...

But along with the efficiency ofIn a completely digital world, it is normal for all sensitive data of a person or company to circulate and be stored on computers or mobile devices. Whether through websites, folders or applications.  control and information disclosure,...

Making a list of all the configuration items used in your company and keeping this list up to date can be quite challenging, but it is extremely important not only for the IT team but also for the business in general. The good news is that this process can be...

Active Directory started with Windows Server due to the convenience of using the same password to perform several activities in a company, such as authenticating on a computer, accessing a system, and opening an email. In its database, one can store information about...

Some services depend on the integration between software, applications, or systems to be run by the end-user and this communication is possible due to the existence of APIs in people's daily lives. However, with the constant evolution of technology, these tools have...

Cloud computing makes it possible to access files and applications over the internet without them being on local computers. This concept became popular in 2008 but refers to the solutions envisioned in the 1960s. Being currently widely used, especially due to remote...

Each day more news of cyber attacks come up in the media, involving from Small and Medium Enterprises (SMEs) to large business conglomerates. These attacks can have several motivations: they can only serve as alerts for organizations to increase their cybersecurity...

Given the current context, post-covid-19, talking about cloud security with CIEM has become essential. This is because the pandemic motivated the adoption of remote work by most organizations, which resulted in a significant increase in the adoption of cloud-based...

DevsecOps is the abbreviation for development, security, and operations and has gained a lot of attention among the best methodologies for software development. According to Gartner, by the end of 2021, DevSecOps practices will be implemented in 60% of agile...

Secrets like passwords and ssh keys are scattered throughout the software development process. However, few people can access this data. Controlled access is still a major challenge for development teams, due to difficulties in managing this information and adopting...

Currently, most companies rely on their Information Technology department and IT service management (ITSM) to meet the demands of users and become increasingly competitive. But what is this strategy about after all? In practice, the term IT Service Management (ITSM)...

With technology increasingly present in our lives, ensuring the security of your company’s information has become a must. The market offers numerous tools to prevent cyberattacks and control internal access to sensitive data. One of the most efficient solutions we...

Every day there is more news related to security incidents, affecting organizations of all types and segments. With the greater sophistication of attacks and even considering a cyber warfare context, the trend is that the number of security incidents will increase even more.

Password reuse is one of the main reasons why passwords have been questioned as an effective measure to guarantee protection against intrusion into accounts and systems.  This practice is extremely risky as it allows a malicious agent to have access to numerous...

Everything You Need to[dnxte_text_highlight highlight_text="Know about SSH Keys" heading_tag="h1" highlight_alignment="center" stroke_color="#71ea90" dnxt_svg_select="zigzag" display_type_select="on" _builder_version="4.18.1" _module_preset="default"...

Password strength is one of the criteria considered when creating password policies. After all, this is one of the most efficient measures to prevent passwords from being breached. And worrying about this is of paramount importance for organizations today. This is...

Passwordless authentication has been a recommended option for IT teams. This is due to the fragility of passwords, which justifies the frequent news about hackers and data leaks. Also, the recommendation to periodically change passwords can encourage inappropriate...

Having an efficient password policy is critical to the cybersecurity of companies. Since using easy-to-identify passwords is a way to facilitate scams by malicious actors. For the same reason, repeating passwords is a risky practice. In 2021, more than 8.4 billion...

Cyberattacks on healthcare organizations have increased in recent years. As we have already stated on our blog, this is due to the sector's unpreparedness to deal with confidential data, since health services do not invest as they should in information security.  In...

Counting on maximum security is essential to bring a protected environment and strengthen customers' trust in the company. SSH keys are an important authentication mechanism that ensures data and information protection. They work as an access credential, being an...

The digital transformation process brought an increase in the number of connected devices, including industrial devices, in what we call Industry 4.0. Ensuring cybersecurity is essential to keeping any business system up and running. With that in mind, we have brought...

The coronavirus pandemic has driven workers home from work, which has raised concerns about digital security. This fear is justified, after all, according to Fortinet Threat Intelligence Insider Latin America, in the first half of 2020 alone there were more than 2.6...

With the evolution of computer technologies, the population has become increasingly connected, but there are complications, such as SQL Injection. Do you know it? In this article, we will explain what it is and how to protect yourself. SQL Injection: How to Prevent it...

We cannot deny that using a Privileged Access Management (PAM) solution considerably increases a corporation's information security. However, what many people do not know is that this type of solution has some basic functions so that a PAM solution can effectively...

A news article produced by the newspaper O Estado de São Paulo and replicated by the G1 website has pointed out that approximately 243 million Brazilians had their data exposed on the Internet due to failures by the Ministry of Health. These numbers include people who...

Information security does not only depend on investment in technology. To be effective within the corporate context, it is of paramount importance to make the entire team aware of the risks of having a vulnerable infrastructure. This means professionals must be...

Prioritizing information security is a necessity for all organizations, regardless of their size or industry. The trend is for actions in this area to become increasingly necessary, as the constant evolution of technology provides increasingly sophisticated tools for...

Failures in the IT infrastructure can compromise the continuity of a business. For this reason, organizations must have a disaster recovery strategy to avoid losses. This solution is useful to circumvent problems that can have different origins: natural disasters such...

When a given system is heavily accessed, it is recommended to invest in a load balancer. This solves the problem of slowness caused by system overload as it distributes traffic among different web servers in the resource pool. Thus, you can optimize its performance...

Computer equipment is subject to failures that can bring great inconvenience and damage to companies. In this sense, high availability systems are essential for carrying out activities that rely on energy, location, operation, software, and hardware. This technology...

Multi-factor authentication is a technological solution that aims to inhibit cyberattacks. In practice, this security strategy uses at least two types of mechanisms to identify an individual trying to access a certain system online. The methods can involve knowledge...

Implementing privileged access management in a company is critical to ensuring that there are no information theft and other security issues. The so-called cyberattacks are responsible, for example, for the theft and hijacking of information in exchange for money,...

With the significant increase in the number of malware and ransomware cases worldwide, ensuring the security of your company's privileged credentials has become a fundamental practice to protect it against insider threats, data leaks, and immeasurable financial...

In recent years, the technological dependence of companies and society has only increased. Companies have increasingly invested in digitizing their processes and providing the best experience for customers, partners, suppliers, and employees.  The digital...

Saudi Arabia’s Personal Data Protection Law (PDPL) was implemented by Royal Decree M/19 of 9/2/1443H (September 16, 2021), which approved Resolution No. 98 of 7/2/1443 H (September 14, 2021). It was published in the Republic Journal on September 24, 2021. The Saudi...

During the pandemic, cyberattacks grew more than ever. Theft, hijacks, and data leaks are increasingly popular practices in cybercrime. The lock and hijack for ransom (ransomware) category has stood out a lot, as data is a highly valuable resource and most companies...

What is HIPAA? Currently, this is one of the most frequently asked questions by many professionals working in the healthcare industry, especially in times of the Covid-19 pandemic. But why is it so important and what are its benefits for healthcare companies? First,...

Due to the growing technological development in the market, we can clearly see how much how consumers tend to buy products and services has changed. Through more practical technologies, such as cellphones, laptops, and tablets, for example, they are just a click away...

Leaving data unprotected ends up putting business continuity and your clients at risk. Therefore, it is necessary to implement standards that aim to make information more secure. One of the best known among them is ISO 27001, responsible for dealing with Information...

Remote work has some challenges, one of which is performing access management. But do you know the real importance of managing access even with remote work? Check it now and understand why it is important to manage access even when working remotely and be prepared to...

Knowing what to do to prevent Social Engineering attacks is essential to ensuring internet security. After all, cybersecurity is all about knowing who and what to trust when it comes to protecting your digital information. Here is everything you need to know about...

Cybersecurity has become one of the significant threats in the healthcare industry. As a whole, IT professionals must continually address health data security issues due to specifications outlined in regulations such as the Health Insurance Portability and...

The General Data Protection Law is already a reality in Brazil, after all, all the parameters imposed by the new order are already in force. But why is identity and access management important for LGPD compliance? As it is something new, it is natural that many...

With the coronavirus pandemic, companies had to adapt and reframe their businesses, which brought many benefits in terms of growth and digital presence. Home office and hybrid jobs are already a reality for most companies, especially technology ones; physical servers...

SQL Injection is one of the most dangerous vulnerabilities for websites and online applications. It occurs when a user adds untrusted data to a database query, for example, when filling out a web form.  If data injection is enabled, attackers can create user input to...

When it involves ransomware protection, it is better to be safer than sorry, isn't it? To achieve this goal, a vigilant outlook and the right security software are essential, since a moment of carelessness is enough to fall victim to a cyberattack. You probably know...

Ransomware attacks are one of the biggest fears of companies today. Imagine having to use your business resources to pay cybercriminals. This is a reality that happens. However, in case your company suffers a ransomware attack, what is the best option: To pay or not...

Despite being something old, from the 1990s, few people know how pass-the-hash attacks work. Keep reading the article to find out! Where Did the Name “Pass-the-hash” Come From? Pass-the-hash attacks occur when an attacker steals a user’s credential with a hash...

Updating the operating system is a common activity. However, in July 2021, one of Microsoft’s Windows updates gained prominence.   Let’s talk about it: Windows print spooler failure: why should I update immediately? What is Print Spooler Failure? The print spooler is...

Technology has undergone constant change, as innovations that emerge today can be surpassed tomorrow, and so on. This is a reality that can be contemplated in the IT sector or corporate software developers. As the market becomes increasingly competitive as a result of...

Global efforts to ensure data protection have increased dramatically over the years. Governments around the world have been concerned with creating laws and regulations that ensure the security of circulation and processing of information from citizens and users,...

On July 2, a Russian group of hackers exploited a flaw in the Kaseya company’s management software, affecting its systems and causing problems for it and its customers. The massive cyberattack affected around 1,500 businesses in 17 countries. The attackers promised to...

Information security is very important to companies, so investing in cybersecurity must always be considered a priority. However, Brazilian companies still face several challenges in this sector. Do you know what the main cybersecurity challenges are for Brazilian...

Cloud computing has been around for some time, and while data points to the efficiency, cost-effectiveness, and competitive advantages it has, a large part of the business community continues to operate without it.  According to a study by the International Data...

We all know that cyber vulnerabilities are not a current issue. However, with the evolution of technology and virtualization growing in all areas of society, cybercrime becomes more and more frequent, creating a critical problem that deserves a lot of attention from...

Nomenclatures and acronyms are part of the routine of those who work in the technology area. Picture a physical archive room, the kind we see in movies and series set in hospitals or police departments, separated by a bookcase full of folders: when we get to the...

Performing any task today is much easier than it was a few years ago. With the evolution of technology, the consumer can make purchases faster and more practical, receive optimized ads - which help a lot when purchasing something -, social networks with features that...

As technology becomes increasingly sophisticated, criminals' skills often evolve as well, in many cases surpassing the skills of security professionals within organizations. The proof of this is that the number of successful attacks is growing every year.  We live in...

Several Latin American countries have advanced in the Global Cybersecurity Index, a report supported by the International Telecommunication Union (ITU). Brazil, Mexico, Uruguay, Dominican Republic, and Chile had the best performances in the region. Although there are...

The rise of smart devices and shifting customer preferences have driven the global digital transformation at full steam. As a result, companies are discovering more and more opportunities and cutting-edge resources for competitive advantage and growth. Moreover, the...

Protecting privileged credentials is essential in the cybersecurity strategies of companies of all sizes and verticals. According to Verizon in its Data Breach Investigations Report 2021, 61% of data leaks involved privileged credentials. No wonder they are called...

Currently, the use of information is a great ally for companies from different industries. However, along with this, comes the need to protect this information with what is called information security. But do you know what the pillars of information security are? This...

In a world of constantly evolving technology, SysAdmin is one of the oldest and most in-demand roles in the technology field.  While not always getting all the glory, SysAdmin is a critical piece of the technology organization and essential to the success of a...

Given the importance of protecting employees and the information of an entire corporation, it is essential to understand and put into practice the 5 pillars of information security. Dealing with information security has already become a routine agenda in management...

With the evolution of technology and the revolution in the information age, the concern with data security has become more and more constant for companies, governments, and users. Since data are fundamental assets for the growth of companies, investing in protection...

Implementing privileged access management to systems in a company is critical to ensuring that there are no information theft and other security issues. The so-called cyberattacks are responsible, for example, for the theft and hijacking of information in exchange for...

In the contemporary world, where the use of technological means and virtual systems is becoming more and more indispensable, one of the great problems caused by criminal entities has been the invasion and theft of data. It is important to emphasize that, with the...

A maioria das pessoas pode achar difícil entender a importância da criptografia para a  cibersegurança e criptografia, especialmente porque ambas são projetadas para lidar com o crime digital.   É essencial compreender e diferenciar os dois termos de acordo com sua...

Most people may find it difficult to understand the importance of encryption for cybersecurity, especially since both are designed to deal with cybercrime.  It is important to understand and differentiate the two terms according to their role in technology. In this...

When it comes to cybersecurity, many think about protecting themselves against hackers who use technological flaws in a system to steal data.  But cyberattacks can't just be malware intrusions, there are other ways to infiltrate organizations and networks with the...

Cyberattacks have been causing concern and discomfort for those who use and depend on digital spaces for some time now. This type of activity disrespects the private life of social subjects, in order to expose them to different types of risks.  They usually occur...

In a world of complex cybersecurity threats and mobile workforces armed with multiple apps and devices, security in Zero Trust aims to provide comprehensive protection. The Zero Trust approach never assumes that a request comes from a trusted source, even if it...

This May, the Center for Internet Security (CIS) has launched version 8 of the security control tool for critical systems, especially marked by structural progress aimed at cloud and mobile environments. The concentration of online tasks and the remote work model are...

We are already in the month of May, and you know what we celebrate on the first Thursday of this month, rigtht? That's correct, it is World Password Day. Celebrated since 2013, this day reminds us of adequate cyber awareness and the importance of password protection...

7 signs that your company need to improve[dnxte_text_highlight highlight_text="the security of sensitive data" heading_tag="h1" highlight_alignment="center" stroke_color="#71ea90" display_type_select="on" _builder_version="4.18.0" _module_preset="default"...

With the growth of cyberattacks, access credentials have become a strong attack vector. In 74% of cases of data breaches, companies confirm unauthorized access to a privileged account as its main cause. In addition, The Verizon Data Breach Investigations Report (DBIR)...

Gartner is a company recognized for providing impartial, high-quality consulting and research on the IT market, as well as providing valuable information and insights to the entire technology community. Through its more than 15,000 employees, Gartner also contributes...

As of August 1, 2021, the fines imposed by the LGPD (Brazilian General Data Protection Law) will be applied to companies that are not adapted to the new law. In order to prevent your company from being harmed, it is important to adapt it as soon as possible to the...

We know that the protection and security of business activities and processes are of paramount importance for a company. This is because, in addition to cyber invasions being vastly frequent in the virtual space, they also offer several problems for a company,...

Anyone who works with technology has certainly heard of or uses Microsoft Exchange, Microsoft's server solution for email and calendar. Exchange is used worldwide by companies of all sizes, being preferred for its versatility and ease of use, and billions of...

The Covid-19 pandemic has caused massive adoption of remote working models in organizations of all sizes. Besides, security leaders have also accelerated the migration of their infrastructure to cloud environments. According to a study conducted in partnership by...

The cloud concept is less and less a buzzword and more of a need. Everyone, from application developers, executives, and students, is benefiting from the flexibility and reliability of cloud-based solutions. Although the cloud has evolved a lot in recent years, there...

Insider threats take many forms. Some are malicious agents looking for financial gain. Others are simply careless or unaware employees who click on suspicious links. An insider threat can be defined as someone close to an organization, with authorized access,...

In the late 1960s, AT&T Bell Labs launched Unix, its operating system. The new system, which uses a command-line interface, or CLI, soon became popular in companies around the world for having open source, in addition to allowing easy modification and good...

Application-to-Application Password Management (AAPM) eliminates the need to store credentials in application source codes, scripts, and configuration files. In this way, passwords are managed by the AAPM solution and become unknown to developers and support staff....

Privileged Access Management (PAM) is formed by a set of cybersecurity strategies and technologies to exercise control over privileged access and permissions for users, accounts, processes, and systems in a technological environment. A PAM is an ideal solution for...

One of the most debated subjects on the market is Digital Transformation, now boosted by the Covid-19 pandemic. We heard about the adoption of technologies to transform business processes not only during “lives”, but also in articles, conferences, and even family...

We, from senhasegura, a provider considered Challenger by Gartner in its Magic Quadrant for PAM 2020 report, are proud to announce that we have also received the Customer’s Choice seal by Gartner in the Voice of the Customer: Privileged Access Management report. This...

Privileged credentials are spread across the infrastructure of organizations of all sizes and types. Through them, it is possible to take a series of administrative actions, such as significant changes in assets and critical systems as Domain Admin servers or ERP...

The year 2021 has arrived, and organizations of all types and sizes are continuing their efforts to adapt their workforce to the new work reality imposed by the Covid-19 pandemic. People, who were previously working using corporate devices and infrastructure within...

Risk management is a very present and important issue when it comes to Information Security. From an analysis, the main business processes of an organization and their respective risks are mapped out. By classifying these risks, the organization's senior management...

Digital transformation offers a series of benefits for companies of all sizes and industries. However, the results achieved by this transformation are not obtained without challenges. The new digital age has led to an exponential increase in the amount of data,...

In recent years, the mass adoption of cloud-based solutions, leveraged by the migration of the workforce to remote models caused by the covid-19 pandemic, has brought new levels of speed and scalability to organizations. Through this migration, it was possible to...

It is well known that hackers wreak havoc around the world with advanced cyberattacks targeting a company's most valuable assets. Another worrying scenario is the existence of malicious people inside a company who disclose confidential information to the public or...

“I am what I am for what we are” - Ubuntu MT4 Tecnologia Ltda. developed, developer and owner of the senhasegura solution, it was certified in 2020 with the seal "Great Place to Work " in its first year of participation in the research and becomes part of the select...

For the second year in a row, Privileged Access Management (PAM) is listed as one of Gartner’s top security priorities. Although they have been around for decades, PAM tools are increasingly vital as access privileges become more complex. In fact, experts predict that...

In addition to protecting companies from hackers, malware, and external attacks, it is now vital to be prepared for insider threats, whose culprit of the cyberattack is an employee of the companies. Often, what drives these attacks is an employee's negative opinion...

With the significant increase in the number of malware and ransomware cases worldwide, ensuring the security of your company's privileged credentials has become a fundamental practice to protect it against inside threats, data leaks, and immeasurable financial losses....

Information security and compliance are essential for businesses around the world, especially given past examples of data breaches and threats to cybersecurity. Still, compliance has long been considered the group that slows things down, often requiring a more...

Looking at the vulnerability scenario in hospital-data systems, in 1996, the American government created a set of mandatory rules called the Health Insurance Portability and Accountability Act (HIPAA).  HIPAA applies to all hospital institutes in the United States,...

The management of access identities has become an important and indispensable practice in the information security of any company. The protection of privileged credentials is a great way to guarantee the security of data and compliance with the data protection laws in...

Due to the increase in cyberattacks and the enforcement of several data protection laws, it has become an obligation, in the corporate environment, to take care of personal and sensitive data of a company. When we talk about information security, it is essential to...

According to a report recently published by Kaspersky, the number of users who have experienced some type of cyberattack in the first half of 2020 increased by 20,000%. Also, the company BBOViz points out that Brazil is the second country that suffers the most threats...

With the increase in phishing attacks all over the world due to the outbreak of COVID-19, companies are reassessing the efficiency of their information security systems, since the home office opens loopholes for a company's security and such type of malware. One of...

Due to COVID-19, the attention of CISOs had to be reinforced to plan an efficient information security strategy, and to help in this task, Gartner has published a very interesting report, which pointed out some security trends and risks for information security in...

Managing privileged access to a corporation has become an obligation almost everywhere in the world. Laws such as the LGPD (General Data Protection Law) and GDPR (General Data Protection Regulation) oblige companies to maintain the integrity and security of the data...

According to Gartner - an Institute with a focus on researching, executing programs, and consulting and recommending efficient technologies for its customers, such as digital security - there are some fundamental projects for a company to ensure information security...

It is undeniable that the use of a privileged access management solution (PAM) considerably improves a company's information security. But what many do not know is that there are some essential features or recommendations for a PAM solution to guarantee information...

Another cyberattack with devastating consequences for financial institutions. The target now was BancoEstado, one of the three largest Chilean banks, which was affected by ransomware on September 6. According to a statement to Chile’s Cybersecurity Incident Response...

Any corporation is subject to some type of cyberattack, and it is essential to have a system that defends and maintains data integrity. According to a report by Fortinet Threat Intelligence, Brazil has suffered more than 24 billion cyberattack attempts in 2019, a fact...

After two years of waiting, the general data protection law (LGPD) will finally come into force in Brazil. The law aims to regulate the processing of personal data, mainly ensuring the security, transparency, and integrity of the data provided. Since its announcement,...

Through the digital transformation, now driven by the Covid-19 pandemic, we see a massive migration to decentralized, cloud-based models. And those who already use these models will further accelerate the migration to the cloud. According to Gartner, by 2021, more...

Gartner is an organization dedicated to giving consultancy to companies that need to hire some type of cutting-edge technology to meet their needs. For its consultancy to choose a good solution assertively, the institution periodically generates a report called...

With the increase in the number of devices and applications connected through digital transformation and the Internet of Things (IoT), the concern to build secure networks also grows to ensure the protection of data (in times of even more rigid data protection...

With the increase in remote work, as a consequence of the Covid-19 pandemic and its social distancing, organizations have seen the need to secure information even at a distance. One of the main measures being taken is the use of Cloud-based environments in the work...

Currently, it is almost impossible to mention an IT issue that is not connected to digital transformation. The growth of IoT devices, Industry 4.0, Cloud, and DevOps are some of the hottest topics on the market, and they have one thing in common: they all involve...

Last Saturday (18), the digital world was shocked by another episode of data leaks, and the protagonist this time was Twitter. That's right, hackers were able to steal data from users of the microblogging platform. And it was not ordinary users, but celebrities,...

Every day, we hear about cyberattacks against companies of all kinds. According to the 2019 Cost of a Data Breach Report, not only did the number of data leaks rise, but its cost as well. The average cost of a data leak, in the 507 organizations surveyed, was USD 3.92...

It is undeniable that people are increasingly immersed in the digital world, and through the digital transformation phenomenon, the increase in personal data that is made available on the web only increases. It is difficult for a person who frequently uses the...

With the emergence of computer systems and, later, the internet, people and organizations have begun to use these resources to speed up their tasks and make their lives easier. Thus, performing activities for both business and personal life (such as shopping and...

The mentality in the cybersecurity world has been changing with the migration from trust-based models (Trust, but verify) to zero trust-based ones. This change is mainly because of the trend towards an increase in internal threat incidents. It is a trend that makes it...

With the digital transformation, boosted by the Covid-19 pandemic, a large number of users were forced to work remotely. In many cases, corporate devices have been replaced by the Bring Your Own Device (BYOD) policies.  But what is it and how to maintain BYOD...

With the migration of the workforce to remote-work models, endpoint protection has been considered a major concern within the cybersecurity industry. This change further reinforces the elimination of the security perimeter concept, based on Zero Trust approaches....

Digital transformation, now accelerated by the Covid-19 pandemic, will drive businesses like Cloud, IT Services, and Development. Against this background, new agile software-development methods, such as DevOps, have significantly changed the way companies operate,...

With the increase in connected devices, mainly based on the Internet of Things (IoT), the number of malicious attacks has also increased. They aim at stealing data, and for organizations, the main result of which is the loss of revenue, reputation, and trust from...

Highlighted by the fact that many places around the world are on a virtual lockdown due to the Coronavirus, many employees are being forced to work remotely. Today we have the technology and capability to make this happen, we have personal as well as company internet...

Companies are increasingly concerned with information security in their infrastructure, considering that an insecure system is vulnerable to various types of cyberattacks, such as phishing, which is on the rise today. This type of attack basically consists of invading...

Information security is a topic that is on the spotlight worldwide, and professionals from the field are the ones who need to be most concerned with this type of measure, since they maintain the data security system of an entire company under surveillance through...

The world is increasingly connected, and that is not something new, so the more people have access to new technologies, the more personal information will be stored, both in on-premise environments and Cloud-based infrastructures. In addition to the legislation for...

The Covid-19 pandemic has flooded the news daily and left the whole world concerned about its effects on the lives of people and organizations.  The new virus has significantly reduced the pace of business and the flow of people through protective isolation actions,...

Ransomware has been a hot topic since the cyberattacks boom in 2016, in several countries, such as: Ukraine, Russia, United Kingdom, India, causing incalculable losses for several companies, which started to look deeper into the Ransomware world - what it is and how...

In a cybersecurity context, the privilege aspect is understood as the level of authorization for access (and control) over IT systems, information assets, and applications. In this specific context, low control over privileged user accounts is usually a source of risk...

With digital transformation and increased competition, it is increasingly important for organizations to achieve progressive and better results using fewer resources. In this sense, business requirements have been changing over the past few years, based on a new...

With the digital transformation, much has been said about reducing costs and increasing the speed of software development. In this context, the software delivery pipeline is focused on delivering high-quality products and services to the market, in an increasingly...

The first days of 2020 have been marked by escalating tensions between countries like the United States, Iran, Russia, and North Korea. We have heard a lot about cyberwarfare and its growing use by governments around the world. But, what possible conflicts between...

The cybersecurity issue has remained at the top of the list of priorities and concerns for individuals, companies, and governments in recent years. In 2020, the Olympic Games, American presidential elections, the expansion of connected devices and the 5G internet, in...

Risk management quantifies and qualitatively describes the risk of Information Security, allowing companies to prioritize risks according to their severity and thus ensure business continuity. Risk management determines the value of an information asset, identifies...

The growing demand for privileged action automation, Cloud, and DevSecOps, as well as ease of use and deployment, have been some of the requirements from users of our senhasegura solution family for Privileged Access Management.  The complexity of a PAM solution...

When it comes to Information Security, a hot topic right now is Social Engineering. As famous hacker and social engineer Kevin Mitnick defines in his book “The Art of Deception”:   “You might say there are two specialties within the job classification of con artist....

In a world where Digital Transformation - through remote teams, Cloud, and Bring-Your-Own-Device (BYOD) - is increasingly impacting business and people’s lives, new cyber threats are emerging as challenges to organizations. One such threat is theft of user identities,...

Which company hasn’t ever found itself needing to grant access to a user for just a day or a few hours?  Access of which is from a third party or partner who needs specific information or system maintenance that results in the creation of another user for access to...

A few years ago, data was printed and stored in folders and drawers, rooms with confidential information were locked with keys, which were held by only one employee.  Today, all this is very different, most of the data is stored and travels in technological means. In...

One of the biggest organizational nightmares today is being attacked by ransomware. Worse than that is failing to recover from such an attack. In this article, we will look at the second ransomware attack within a year in the city of Baltimore and what organizations...

Imagine yourself in a dining room at your company with colleagues and friends enjoying a meal. Suddenly, the lights flash and everyone's belongings mysteriously disappear. The only suspects are those in the environment, including you. But how to find the culprit? As...

Gartner, in its document Gartner Top 10 Security Projects, named Privileged Access Management (PAM) as the number one priority in security projects. So, what does Privileged Access Management mean and why is it considered so important? Before explaining what...

Controlling access and ensuring the security of employee and customer data has been one of the biggest security challenges faced by organizations today, and this is intensified when sensitive information and assets are stored where access identifiers are not...

If one could travel back in time, maybe ten years ago, and tell about how many devices we have today, many would not believe how the Internet works today for us, making everyday life easier, even relying on these technologies.  Among so many questions that people from...

Every day and every moment we have new technological possibilities at our disposal to help us achieve a good performance in the internet media, for example. Clustering is often applied in many contexts, but when it comes to computing, it refers to the architecture of...

Until a few years ago, organizations had little technology resources for their employees to do their jobs, had the bare minimum to communicate internally and automate some processes. Today, the scenario has changed. Companies are increasingly leveraging their...

In our last article on the topic, we defined cyber-security risk as the likelihood of losses in a given project or organization to occur as a result of using interconnected systems. Gartner believes that by 2020, 100% of large companies will be required to report...

The Michaelis Dictionary defines risk as the likelihood of damage in a given project or thing due to an uncertain event. This definition applies to anything that may expose people and organizations to risk, including Information Security. In this specific context, we...

The importance of having an identity is undeniable. Not only do personal documents define our identity in society, but any feature that might portray who we are and what we do. Name, personality, physical appearance, and other features together create a unique image...

With the evolution of industrial systems by the introduction of the Industrial Internet of Things (IIoT), preventing and ensuring device security in a new era of Industry 4.0 and smart manufacturing has been a major challenge for industries. In this sense, senhasegura...

With the emergence of cloud-based technologies, there is a growing demand and the consequent increase of services offered in this format. In this scenario, in which there were only two or three credentials to perform online tasks, today, the user is forced to deal...

In recent years, questions related to user authentication have become more and more evident, considering that they are the reason or the means for preventing what is one of the biggest fears of any organization: data leaks from customers, suppliers, and employees. In...

Last week, the case of the invasion of mobile phones of public people from national politics gained new perspectives and characters. According to the Federal Police, four suspects of being involved in the leakage of messages from the current Minister of Justice and...

Until some time ago, Business Risk Management was linked to aspects such as productivity, market, resources, or regulatory environment. However, with digital transformation through the introduction of technologies such as Big Data, Cloud, Internet of Things, Machine...

Since 2013, the market has been promoting a new industrial revolution based on the adoption of new digital technologies, aiming at the improvement of industrial processes. This is happening across devices connected with the Internet of Things, cloud infrastructure and...

Every day, new news about data leaks in organizations of all sizes and different industries is emerging. According to Accenture’s 2019 Cost of Cybercrime report, the number of leaks increased by 11% between 2017 and 2018, and 67% over the last 5 years. The trends show...

In the last days, news reporting that confidential messages exchanged between influential Brazilian authorities have leaked are putting the entire population on a state of alert due to the use of messaging applications and the privacy of their conversations.  Former...

Technology and its concepts are not only comprised of computers and software but also of people who operate and control those components. Although they are part of this set of systems and technologies in an “external” layer, the human factor is not treated the way it...

In the business world, the words productivity, speed, and efficiency are very common. These are some characteristics required by the market in relation to organizations, regardless of size or industry. However, achieving the desired productivity and efficiency can be...

The problems and aspects of cybersecurity - the set of means and technologies that aim to protect programs, computers, networks, and data against unlawful damage and invasion - arise daily in our personal and professional lives. Cyber attacks with serious consequences...

In its report titled “Gartner Top 10 Security Projects for 2019”, Gartner unveiled the largest Information Security projects for this year.  Privileged Access Management, or simply PAM, is in the first place from the list of projects that should gain CISOs’ attention...

Critical systems, or critical infrastructure, is currently a subject unknown to many. However, an incident in these environments can have serious consequences on the economic, social, and safety aspects of the population. Services and facilities such as water supply...

In order to keep the network and their infrastructure secure, many companies are making efforts to create security perimeters that will ensure unintended external accesses are not performed. At times, however, traditional protection means such as firewalls will not be...

The evolution of computer networks has made information sharing increasingly prevalent. Information is now exchanged at a rate of trillions of bytes per millisecond, a daily number that can extend beyond the comprehension or available nomenclature. A proportion of...

The European GDPR as inspiration for the Brazilian LGPD The General Data Protection Law (LGPD) and the Data Protection Regulation (GDPR) are very similar pieces of legislation, but their difference is the Data Privacy Officer (data controller) that the GDPR predicts,...