Back

Andy Harris

Chief Technology Officer

In a long and distinguished career, including being Technical Director at Integralis, Andy has invented many leading-edge technologies including IP Network Translation Gateway, Print Symbiont Technologies for LANbased printers and Disaster Master, a technique of continuously updating a backup site with mirrored data. As one of the Co-Founders and CTO of MIMEsweeper, Andy was the creator of the world’s first content security solution which became the default product in its space. Andy went on to start WebBrick Systems which was one of the pioneering Home Automation technologies, also a forerunner to what we know as IOT devices today. As Engineering Director, Andy has created and patented several core components in the Osirium product family.

Andy Harris

's posts

December 14, 2021

Apache Log4j Vulnerability

A critical vulnerability has been found in Log4J - Osirium products are not affected, find out why ...

December 1, 2021

Passwordless Authentication for PAM with Authlogics

Passwords are not a great way to protect systems used by human beings. With Authlogics, PAM access can be secure without passwords. Learn more ...

June 14, 2021

Implementing Zero Trust with Osirium products

Zero Trust architecture is the best way to protect against infection by ransomware or malware, but needs careful planning. Learn more in this blog.

April 21, 2021

Supply Chain Threats, Buffalo Jumps And The Simple Things That Count For MSPs

Many organizations depend on MSPs and MSSPs. This article discusses why MSP security is critical to protect themselves and their clients.

April 8, 2021

Ransomware: Understanding the threat and blocking lateral movement

Understanding the threat and blocking lateral movement from ransomware

February 5, 2021

What is Privileged Access Security?

At Osirium, we believe that Privileged Access Security is a combination of three fundamental functions that use three foundation technologies

February 2, 2021

Are Privileged Access Management (PAM) and Identity Access Management (IAM) the same?

Both IAM and PAM are critical areas of cyber security delivering protection to different audiences, but what are the differences are they both needed?

January 12, 2021

Protecting backups with PAM

Backups are absolutely so need careful protection. That's why you must use PAM to access backup management systems like PAM. Find out more ...

November 10, 2020

Cloudifying Multi-Factor Authentication for Privileged Access Management with RSA

The combination of Osirum Privileged Access Management (PAM) with RSA Identity Provider makes a powerful and flexible cloud-based privilege access solution.

October 27, 2020

IAM v PAM as a single pane of glass for evaluating user security posture

IAM and PAM may seem like duplication or in competition but in reality, they're both needed for a single pane of glass security posture. Find out why.

September 9, 2020

Patch Tuesday Made Easy - With Privileged Process Automation

Managing patches to an estate of Windows is a major effort. Privileged Process Automation (PPA) can accelerate and simplify the whole process, see how ...

September 3, 2020

Adaptive Authorisation vs Adaptive Authentication

Automation is great but it has to be smart to decide when changes are safe and when more review and approval is needed. See how PPA does Adaptive Authorisation

July 15, 2020

Privileged Access Security - A Deeper Dive

Privileged Access Security should be a priority. Osirium CTO, Andy Harris, explains why and lays out the roadmap for a solution.

June 29, 2020

Some Inconvenient Truths About Credentials and Remote Access

In general VPN access is more risky than office based access, and there are some uncomfortable truths about humans and credentials.

April 27, 2020

PIM, PUM and PAM explained

Here’s a quick rundown of all these terms, what they do, and which bits of the Platform performs them:

April 2, 2020

Privileged Endpoint Management - Managing Developer's Systems

Developers need to install and configure Visual Studio and various add-ins to do their work. PEM lets them do their work without needing local admin rights

March 6, 2020

How Does Privileged Process Automation (PPA) Work?

Privileged Process Automation (PPA) can be transformative for IT and business processes, find out how ....

October 11, 2019

Instant Internal Auditing with PAM, SIEM and Slack

For many organisations, Slack has become the central core of communications between processes and people.

September 17, 2019

Fault-Tolerant, Highly-Available Privileged Access Management

We’re often asked about high availability and fault tolerance for Osirium PAM

August 28, 2019

Controlling AWS Costs with PPA

Controlling AWS costs usually needs an Admin account and specialist knowledge. With PPA, anyone with the right role can do it.

August 9, 2019

Auditing Privileged Access Management

Where would the investor confidence be without the governance...

August 8, 2019

Five Reasons Why You’ll Sleep Better with Privileged Access Management

If you’re an IT manager or strategist, you want to spend your time developing systems and solutions that propel your business forward, in an ideal world …

July 30, 2019

Multi-Factor Authentication: Osirium PAM and OneLogin

Osirium PAM provides Privileged Access Management (PAM) using the principle of identity-in / role-out

June 12, 2019

Why you need PAM for Process Automation

In this post, we're going to look at some aspects of automating a privileged process

May 31, 2019

Privileged Access to Web Apps – A Magical Solution

One of the distinct advantages of Osirium PAM is its ability to deliver Privileged Access Management (PAM) to a very wide range of systems

May 24, 2019

Securing Third Party Access

There’s a lot of good that can be achieved when working closely with third parties, but there are also a lot of risks

February 14, 2019

The journey through PAM, PTM and onto RPA

Secure automation needs more than just robots, you need privileged process automation.

February 11, 2019

What is Privileged Robotic Process Automation?

Here, we are going to outline the differences between Robotic Process Automation (RPA) and the Privileged version (PRPA)

February 8, 2019

Privileged Access Management – Common Use Cases

PAM (Privileged Access Management) solutions are built to control access to Privileged Accounts to drive security. Here, we will outline some of the common use

January 10, 2019

Webinar: Why NHS security professionals need a new approach to PAM

Osirium’s PAM is specially designed to stop cyber-attackers from hacking NHS operations

December 10, 2018

Privileged Pixel Management – A New Form of PxM

If your Christmas party needs its people separated from pixels then PPM is not a product that we ship. Of course you can use PAM Express :-)

November 28, 2018

Sharing Privileged Accounts With Third Parties

In this article, we'll look at customer, MSP and contractor sides of this issue. Outsourcing work to a third-party is a frequent occurrence.

September 27, 2018

IoT, Internet of Things is not a good term…

First off, the first main issue is the word 'Things', it is too general. Things break down into different categories

September 27, 2018

Fast-Slow or Slow-Fast? Two different approaches to digital transformation

We're always intrigued by the wide range of descriptions of ‘digital transformation’ here are a few considerations

September 21, 2018

Osirium and RazorSecure Strategic Alliance

Strategic alliance means sharing ideas, code and pre-production demostrations along with modifications to our main products.

August 9, 2018

Separate your business from cyber-attacks – Separate people from passwords

The cybersecurity landscape is ever changing. New threats appear daily, and the techniques used by attackers continuously evolve.

June 29, 2018

Multi-factor Authentication Improvements in PxM Platform Version 6.1.0

Since Osirium PAM is an 'Identity In - Role Out' product, the quality of identity proof is crucial in highly secure environments.

June 27, 2018

Using SSH Keys for Authentication in Privileged Access Management

Osirium's PxM Platform can use both passwords and SSH Keys for the role-based connections where the device supports keys.

June 18, 2018

What DevOps need to know about Privileged Account and Credential Security

DevOps is hard enough, don't let the risk of exposing credentials make it worse.

June 4, 2018

Why PAM should be on every Operations Managers’ wish list

Operations Managers are at the centre of IT production, running the systems, applications and infrastructure that are the lifeblood of the organisation.

May 13, 2018

PAM Express Introductory Video Series

A new set of tutorial videos to get you up and running fast

April 4, 2018

Robotic Process Automation (RPA) and Task Automation

Robotic Process Automation (RPA) within our solutions for more than eight years in our Privileged Task Management module.

March 28, 2018

Database Task Automation for Asterisk (AsteriskNOW)

Like most sales managers, our internal sales manager needed access to the Call Record Database of our AsteriskNOW implementation.

March 16, 2018

Using Elastic Stack with the Osirium Privileged Management Platform

Here’s the How-To video for using Osirium's PxM Platform with Elastic Stack.

March 15, 2018

Implementing the Dual Account model with Osirium PAM

The Dual Account model has long been best practice amongst SysAdmins and DevOps. This blog explores what the model entails.

February 26, 2018

Meeting significant GDPR needs using Osirium’s PAM

Here’s the problem for Osirium; Every cyber security company out there is suggesting that they address GDPR requirements.

February 26, 2018

Surprising benefits for the Board when you choose Osirium’s PxM

Osirium's PAM provides many business benefits that will keep the Board happy.

February 22, 2018

Responding to the unique needs of M(S)SP’s

Managed Security Service Providers face differing challenges to other industries we serve. With GDPR on the horizon, we discuss these unique needs.

February 21, 2018

Cybersecurity – Making it everyone’s business is futile

Let’s discuss the value of the cloud and outsourcing, not regarding cost, but security

February 21, 2018

Building a coping mechanism for data breaches

Breaches may be daily news, but they will always be a significant worry for business stakeholders

February 8, 2018

Cybersecurity in the NHS (part two) – Separating people from passwords

NHS seeks to improve, the outsourcing of IT contracts has increased, and data security controls that should protect staff and patients

February 1, 2018

Least Privileged Model with Privileged Account Management (PAM)

Least Privileged Model – It’s accepted knowledge that a least privileged model are good for security. They limit what a person, system or code base can do

January 24, 2018

MAP Server – Protecting legacy applications

At Osirium, we created our Management Application Proxy Server (MAP Server)

January 11, 2018

Cybersecurity in the NHS (PT 1) Protecting the NHS from the inside-out

A colossal 40% of malware attacks in the UK are made against public sector institutions

October 26, 2017

Osirium at Pycon: Ed Reveals the Patterns in our Pit of Success

Ed’s presentation covered how we identify the good from the bad. In particular how the choice of good boundaries for Functions and API’s

October 14, 2017

Osirium: When your biggest problems are solved, you look to the next one

The difference between what the Osirium PxM Platform is purchased for, and what our longstanding customers actually do with our products

August 14, 2017

So What’s Wrong with Blacklisting Commands?

For example, your organisation thinks it is a good idea to blacklist the ‘rm’ command. Let’s consider the difference between these command sequences

April 7, 2017

Notes from the Fraud Tube Spring Event

With a new format covering the best part of the day and into the night, there was an eclectic mix of presentations prompting us to really think about...

April 7, 2017

Privileged Access Management with SailPoint’s Identity Governance

We’ve completed our integration with SailPoint’s Identity Governance solution

April 7, 2017

World Economic Forum Rates Cyber Attack Risk

We’ve reworked the data to show both the risks in terms of impact and probability along with the trends

March 28, 2017

Privileged Task Management – Busy Work versus Thinking Work

In the world of DevOps there are two types of work, ‘busy work’ and ‘thinking work’. Your staff will be very clear about which they prefer doing

March 9, 2017

Osirium PAM ServiceNow Integration

Taking Privileged Access Management (PAM) one step higher in security and compliance

November 22, 2016

Tesco Bank resumes normal service, but has the damage been done…?

Who can blame consumers now for being reluctant to switch from the Big Four?

October 28, 2016

Creating resilience through security cells

Osirium believe that the following issues are the main contributors and share with you how our PxM Platform combats them

September 22, 2016

The Cost of Uncertainty

Today we’re hearing about the aftermath of an attack

September 6, 2016

Two Ideas

We’ve heard a couple of deployment ideas recently

May 19, 2016

Early versus late data breach outcomes

We spent some time looking at the outcomes for companies that were the victims of cyber breaches

April 20, 2016

IAM Round Table Notes

Yesterday we attended a round table session about building effective Identity and Access Management solutions

November 12, 2015

The JPMorgan Breach and the Problem with Passwords

Earlier this week US investigators charged three men after a multi-year cybercrime campaign

November 5, 2015

The year of the weekly data breach

Data breaches have fast become the scourge of modern enterprise

October 23, 2015

Separating people from passwords

Rigorous passwords policies are creating the exact opposite of their intended outcome

October 6, 2015

Osirium as an Identity Federator

The identity market has been getting stronger, it needs to get stronger as more and more business functions migrate to the cloud.

September 26, 2015

Want to Follow GCHQ’s Best Practise Password Advice? Look No Further

If the documents leaked by NSA whitsleblower Edward Snowden are anything to go by, GCHQ knows a thing or two about exploiting security weaknesses.

September 16, 2015

US Government’s 30-Day Authentication Sprint Points the Way for UK Firms

The US OPM hack exposed – potentially to a nation state

August 3, 2015

Brute force bugs highlight the weaknesses of human generated passwords

Passwords are one of the biggest threats to enterprise data security around today

July 28, 2015

How to present Cyber Security issues to the Board

If you’ve never attended a board meeting before I’ll try to give you a flavour of what happens

July 27, 2015

Why do IT administrators want Identity & Access Management?

IAM provides a wealth of operational conveniences alongside its security benefits

July 23, 2015

CISO Message to the Board about Breaches

Influence is often limited in the face of perceived business requirements

July 8, 2015

Hacking Team: Another Reason to Ditch Out-of-Date Password Systems

At Osirium, we believe in the need for a new approach to authentication

June 26, 2015

How Osirium defends against real world attacks

Dealing with the Insider and Third Party threats

June 26, 2015

How Osirium PAM defends against real world attacks

There is a serious threat against privileged accounts

June 26, 2015

What We Can Learn From the OPM Breach

Why are account credentials from privileged users so sought-after by attackers?

June 17, 2015

Protecting POS: Why You Need to Guard Privileged Remote Accounts

Hackers have infiltrated POS systems via third party providers

May 21, 2015

PuTTY Problems: Solving Threats with Privileged User Management

IT leaders must consider their department as a major target for advanced attackers and take appropriate steps to mitigate that risk

April 20, 2015

Osirium Research Points Out Perils of Password Shoulder Surfing

The results should give IT managers plenty to think about

April 17, 2015

What is Shoulder Surfing?

Shoulder surfing, as the name suggests is the nefarious art of reading a sensitive piece of information over a user’s shoulder.

March 26, 2015

Privileged Account Abuse, Not Smartphone ‘Bans’ The GCHQ Story

Much of the talk in IT security circles over the past week has been centred around new guidance for businesses from the UK’s spy agency.

March 9, 2015

Targeted Attacks – The Fight Back Starts with Good Password Management

Targeted attacks have been around for probably a lot longer than many people think

February 3, 2015

Passwords aren’t the problem – people are

When the passwords meet people that the security breaks down

August 22, 2014

Osirium is great for meeting MAS/TRM compliance

Since the Monetary Authority of Singapore issued their Technology Risk Management Guidelines they have achieved a lot of traction with compliance officers.

July 25, 2014

Why do IT administrators want automation?

So why did a large proportion of administrators think that automation would make their life easier?

April 22, 2014

Where Osirium fits into the Cyber Security Market

In today’s hybrid-cloud era, the privileged insider and outsider have become inter-changeable

April 22, 2014

15 Minute Security Fix

Here’s a quick security fix on how to reduce risk for your team’s shared accounts in just 15 minutes.

April 1, 2014

Usability

Osirium’s focus on Workflow usability means that organisations can benefit from security and productivity in tandem.

March 10, 2014

Protecting MSSQL from the Insider threat

IT Security is a very wide ranging subject. At Osirium we like to think of its application to the business stack.

December 11, 2013

Have I been pwned?

How to check if your password has been "pwned"

July 26, 2013

Why do IT administrators want centralised management?

Why do IT administrators want centralised management?

July 25, 2013

UK businesses warned to urgently review privileged credentials policies

UK businesses warned to urgently review privileged credentials policies

June 12, 2012

UK businesses admit to over-privileging IT staff

UK businesses admit to over-privileging IT staff - find out why it's not a good idea!

May 9, 2012

Delegation failures suffocating UK businesses

Delegation failures suffocating UK businesses

Blog topics

All
Audit, Compliance and Governance
Automation
DevOps
Education
GDPR
Healthcare
IT Process Automation
Identity & Access Management
Managed (Security) Service Provider
Manager
Privileged Access Management
Privileged Access Security
Privileged Endpoint Management
Privileged Process Automation
Technical
Third-Party Access

Authors

Andy Harris
Carlos Ruiz
David Guyatt
Mairi Chisholm
Mark Warren
Osirium
Tom Hills
Click to chat