Do your house guests still have access to your home after they’ve left, or overstayed their welcome? No, right? You would throw them out or take the keys back because they no longer require access. Guests in Azure are like house guests. Once they no longer need access, it's then time to take back the key so they no longer have access to the company's data and connected apps. Yet many organizations are inadvertently leaving themselves at risk of supply chain attacks.

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

In my days of AD administration, there was always a need for a select set of sysadmins to be granted high levels of permissions. In AD, this is typically a separate user admin account that is a member of the Domain Admins Active Directory group. There are a few other groups that are highly privileged(i.e. Enterprise Admins and Schema Admins) but the permissions required by these groups are generally more specific and therefore less populated.

In today's interconnected and rapidly evolving digital landscape, managing and securing identities within an organization has become paramount. The traditional approach to identity governance and administration (IGA) often falls short, leading to inefficiencies, security vulnerabilities and compliance challenges. However, with the advent of cloud-based IGA solutions, businesses can now unlock a new level of power, scalability and flexibility.

For decades the principle of least privilege has been a fundamental component of cybersecurity. The principle of least privilege revolves around granting users the minimum level of access necessary to perform their tasks, minimizing the risk of unauthorized access and data breaches.

If you’re an IT security leader, this goes without being said – ransomware is the worst. While the Internet continues to unlock new ways for businesses to increase routes to revenue, deliver great employee and customer experiences, and cut costs – cyber thugs have unleashed a slew of ransomware attacks that target legacy network architectures. Thus, these malicious attacks have been elevated to amongst the top of the list of business-level concerns.

Crystal Trawny, Optiv’s Practice Director, Privileged Account and Endpoint Privilege Management (PAM/EPM), joins host David Puner in exploring the ever-evolving identity landscape and how emerging threats impact organizations’ cybersecurity requirements. Through the eyes of an end user, Trawny shares best practices for overcoming change resistance, creating effective deployment timelines and avoiding scope creep.