Andy Harris

Ransomware: Understanding the threat and blocking lateral movement

What is Privileged Access Security?

At Osirium, we believe that Privileged Access Security is a combination of three fundamental functions that use three foundation technologies

Are Privileged Access Management (PAM) and Identity Access Management (IAM) the same?

Both IAM and PAM are critical areas of cyber security delivering protection to different audiences, but what are the differences are they both needed?

Protecting backups with PAM

Backups are absolutely so need careful protection. That's why you must use PAM to access backup management systems like PAM. Find out more ...

Cloudifying Multi-Factor Authentication for Privileged Access Management with RSA

The combination of Osirum Privileged Access Management (PAM) with RSA Identity Provider makes a powerful and flexible cloud-based privilege access solution.

IAM v PAM as a single pane of glass for evaluating user security posture

IAM and PAM may seem like duplication or in competition but in reality, they're both needed for a single pane of glass security posture. Find out why.

Patch Tuesday Made Easy - With Privileged Process Automation

Managing patches to an estate of Windows is a major effort. Privileged Process Automation (PPA) can accelerate and simplify the whole process, see how ...

Adaptive Authorisation vs Adaptive Authentication

Automation is great but it has to be smart to decide when changes are safe and when more review and approval is needed. See how PPA does Adaptive Authorisation

Privileged Access Security - A Deeper Dive

Privileged Access Security should be a priority. Osirium CTO, Andy Harris, explains why and lays out the roadmap for a solution.

Some Inconvenient Truths About Credentials and Remote Access

In general VPN access is more risky than office based access, and there are some uncomfortable truths about humans and credentials.

PIM, PUM and PAM explained

Here’s a quick rundown of all these terms, what they do, and which bits of the Platform performs them:

Privileged Endpoint Management - Managing Developer's Systems

Developers need to install and configure Visual Studio and various add-ins to do their work. PEM lets them do their work without needing local admin rights

How Does Privileged Process Automation (PPA) Work?

Privileged Process Automation (PPA) can be transformative for IT and business processes, find out how ....

Instant Internal Auditing with PXM, SIEM and Slack

For many organisations, Slack has become the central core of communications between processes and people.

Fault-Tolerant, Highly-Available Privileged Access Management

We’re often asked about high availability and fault tolerance for the PxM Platform.

Controlling AWS Costs with PPA

Controlling AWS costs usually needs an Admin account and specialist knowledge. With PPA, anyone with the right role can do it.

Auditing Privileged Access Management

Where would the investor confidence be without the governance...

Five Reasons Why You’ll Sleep Better with Privileged Access Management

If you’re an IT manager or strategist, you want to spend your time developing systems and solutions that propel your business forward, in an ideal world …

Multi-Factor Authentication: Osirium PxM and OneLogin

Osirium’s PxM Platform provides Privileged Access Management (PAM) using the principle of identity-in / role-out

Why you need PAM for Process Automation

In this post, we're going to look at some aspects of automating a privileged process

Privileged Access to Web Apps – A Magical Solution

One of the distinct advantages of Osirium’s PxM Platform is its ability to deliver Privileged Access Management (PAM) to a very wide range of systems

Securing Third Party Access

There’s a lot of good that can be achieved when working closely with third parties, but there are also a lot of risks

The journey through PAM, PTM and onto RPA

Secure automation needs more than just robots, you need privileged process automation.

What is Privileged Robotic Process Automation?

Here, we are going to outline the differences between Robotic Process Automation (RPA) and the Privileged version (PRPA)

Privileged Access Management – Common Use Cases

PAM (Privileged Access Management) solutions are built to control access to Privileged Accounts to drive security. Here, we will outline some of the common use

Webinar: Why NHS security professionals need a new approach to PAM

Osirium’s PxM Platform is specially designed to stop cyber-attackers from hacking NHS operations

Privileged Pixel Management – A New Form of PxM

If your Christmas party needs its people separated from pixels then PPM is not a product that we ship. Of course you can use PxM Express :-)

The O2 outage, how task automation could help

Ericsson and O2 engineers would have been flat out either updating certificates or software.

Sharing Privileged Accounts With Third Parties

In this article, we'll look at customer, MSP and contractor sides of this issue. Outsourcing work to a third-party is a frequent occurrence.

Fast-Slow or Slow-Fast? Two different approaches to digital transformation

We're always intrigued by the wide range of descriptions of ‘digital transformation’ here are a few considerations

IoT, Internet of Things is not a good term…

First off, the first main issue is the word 'Things', it is too general. Things break down into different categories

Osirium and RazorSecure Strategic Alliance

Strategic alliance means sharing ideas, code and pre-production demostrations along with modifications to our main products.

Separate your business from cyber-attacks – Separate people from passwords

The cybersecurity landscape is ever changing. New threats appear daily, and the techniques used by attackers continuously evolve.

Multi-factor Authentication Improvements in PxM Platform Version 6.1.0

Since the PxM Platform is an 'Identity In - Role Out' product, the quality of identity proof is crucial in highly secure environments.

Using SSH Keys for Authentication in Privileged Access Management

Osirium's PxM Platform can use both passwords and SSH Keys for the role-based connections where the device supports keys.

What DevOps need to know about Privileged Account and Credential Security

DevOps is hard enough, don't let the risk of exposing credentials make it worse.

Why PAM should be on every Operations Managers’ wish list

Operations Managers are at the centre of IT production, running the systems, applications and infrastructure that are the lifeblood of the organisation.

PxM Express Introductory Video Series

A new set of tutorial videos to get you up and running fast

Robotic Process Automation (RPA) and Task Automation

Robotic Process Automation (RPA) within our solutions for more than eight years in our Privileged Task Management module.

Database Task Automation for Asterisk (AsteriskNOW)

Like most sales managers, our internal sales manager needed access to the Call Record Database of our AsteriskNOW implementation.

Using Elastic Stack with the Osirium Privileged Management Platform

Here’s the How-To video for using Osirium's PxM Platform with Elastic Stack.

Implementing the Dual Account model with Osirium’s PxM platform

The Dual Account model has long been best practice amongst SysAdmins and DevOps. This blog explores what the model entails.

Surprising benefits for the Board when you choose Osirium’s PxM

Osirium's PxM Platform provides many business benefits that will keep the Board happy.

Meeting significant GDPR needs using Osirium’s PAM

Here’s the problem for Osirium; Every cyber security company out there is suggesting that they address GDPR requirements.

Responding to the unique needs of M(S)SP’s

Managed Security Service Providers face differing challenges to other industries we serve. With GDPR on the horizon, we discuss these unique needs.

Cybersecurity – Making it everyone’s business is futile

Let’s discuss the value of the cloud and outsourcing, not regarding cost, but security

Building a coping mechanism for data breaches

Breaches may be daily news, but they will always be a significant worry for business stakeholders

Cybersecurity in the NHS (part two) – Separating people from passwords

NHS seeks to improve, the outsourcing of IT contracts has increased, and data security controls that should protect staff and patients

Least Privileged Model with Privileged Account Management (PAM)

Least Privileged Model – It’s accepted knowledge that a least privileged model are good for security. They limit what a person, system or code base can do

MAP Server – Protecting legacy applications

At Osirium, we created our Management Application Proxy Server (MAP Server)

Cybersecurity in the NHS (PT 1) Protecting the NHS from the inside-out

A colossal 40% of malware attacks in the UK are made against public sector institutions

Osirium at Pycon: Ed Reveals the Patterns in our Pit of Success

Ed’s presentation covered how we identify the good from the bad. In particular how the choice of good boundaries for Functions and API’s

Osirium: When your biggest problems are solved, you look to the next one

The difference between what the Osirium PxM Platform is purchased for, and what our longstanding customers actually do with our products

So What’s Wrong with Blacklisting Commands?

For example, your organisation thinks it is a good idea to blacklist the ‘rm’ command. Let’s consider the difference between these command sequences

Privileged Access Management with SailPoint’s Identity Governance

We’ve completed our integration with SailPoint’s Identity Governance solution

World Economic Forum Rates Cyber Attack Risk

We’ve reworked the data to show both the risks in terms of impact and probability along with the trends

Notes from the Fraud Tube Spring Event

With a new format covering the best part of the day and into the night, there was an eclectic mix of presentations prompting us to really think about...

Privileged Task Management – Busy Work versus Thinking Work

In the world of DevOps there are two types of work, ‘busy work’ and ‘thinking work’. Your staff will be very clear about which they prefer doing

Osirium PxM ServiceNow Integration

Taking Privileged Access Management (PAM) one step higher in security and compliance

Tesco Bank resumes normal service, but has the damage been done…?

Who can blame consumers now for being reluctant to switch from the Big Four?

Creating resilience through security cells

Osirium believe that the following issues are the main contributors and share with you how our PxM Platform combats them

Privileged User Analytics

The ability to view user behaviour provides an opportunity to highlight any anomalous activity

The Cost of Uncertainty

Today we’re hearing about the aftermath of an attack

Two Ideas

We’ve heard a couple of deployment ideas recently

Early versus late data breach outcomes

We spent some time looking at the outcomes for companies that were the victims of cyber breaches

IAM Round Table Notes

Yesterday we attended a round table session about building effective Identity and Access Management solutions

The JPMorgan Breach and the Problem with Passwords

Earlier this week US investigators charged three men after a multi-year cybercrime campaign

The year of the weekly data breach

Data breaches have fast become the scourge of modern enterprise

Separating people from passwords

Rigorous passwords policies are creating the exact opposite of their intended outcome

Osirium as an Identity Federator

The identity market has been getting stronger, it needs to get stronger as more and more business functions migrate to the cloud.

Want to Follow GCHQ’s Best Practise Password Advice? Look No Further

If the documents leaked by NSA whitsleblower Edward Snowden are anything to go by, GCHQ knows a thing or two about exploiting security weaknesses.

US Government’s 30-Day Authentication Sprint Points the Way for UK Firms

The US OPM hack exposed – potentially to a nation state

Brute force bugs highlight the weaknesses of human generated passwords

Passwords are one of the biggest threats to enterprise data security around today

How to present Cyber Security issues to the Board

If you’ve never attended a board meeting before I’ll try to give you a flavour of what happens

Why do IT administrators want Identity & Access Management?

IAM provides a wealth of operational conveniences alongside its security benefits

CISO Message to the Board about Breaches

Influence is often limited in the face of perceived business requirements

Hacking Team: Another Reason to Ditch Out-of-Date Password Systems

At Osirium, we believe in the need for a new approach to authentication

How Osirium defends against real world attacks

Dealing with the Insider and Third Party threats

What We Can Learn From the OPM Breach

Why are account credentials from privileged users so sought-after by attackers?

How Osirium’s PxM Platform defends against real world attacks

There is a serious threat against privileged accounts

Protecting POS: Why You Need to Guard Privileged Remote Accounts

Hackers have infiltrated POS systems via third party providers

PuTTY Problems: Solving Threats with Privileged User Management

IT leaders must consider their department as a major target for advanced attackers and take appropriate steps to mitigate that risk

Osirium Research Points Out Perils of Password Shoulder Surfing

The results should give IT managers plenty to think about

What is Shoulder Surfing?

Shoulder surfing, as the name suggests is the nefarious art of reading a sensitive piece of information over a user’s shoulder.

Privileged Account Abuse, Not Smartphone ‘Bans’ The GCHQ Story

Much of the talk in IT security circles over the past week has been centred around new guidance for businesses from the UK’s spy agency.

Targeted Attacks – The Fight Back Starts with Good Password Management

Targeted attacks have been around for probably a lot longer than many people think

Passwords aren’t the problem – people are

When the passwords meet people that the security breaks down

15 main excuses for not updating your passwords

They are so difficult to remember so I use one really good one

Osirium is great for meeting MAS/TRM compliance

Since the Monetary Authority of Singapore issued their Technology Risk Management Guidelines they have achieved a lot of traction with compliance officers.

Why do IT administrators want automation?

So why did a large proportion of administrators think that automation would make their life easier?

15 Minute Security Fix

Here’s a quick security fix on how to reduce risk for your team’s shared accounts in just 15 minutes.

Where Osirium fits into the Cyber Security Market

In today’s hybrid-cloud era, the privileged insider and outsider have become inter-changeable

Usability

Osirium’s focus on Workflow usability means that organisations can benefit from security and productivity in tandem.

Protecting MSSQL from the Insider threat

IT Security is a very wide ranging subject. At Osirium we like to think of its application to the business stack.

Have I been pwned?

The Files Menu

Why do IT administrators want centralised management?

UK businesses warned to urgently review privileged credentials policies

UK businesses admit to over-privileging IT staff

Delegation failures suffocating UK businesses