Phew. Thycotic solutions remain unaffected during devastating Heartbleed vulnerability.

11 04 2014

The recent OpenSSL vulnerability CVE-2014-0160, or “Heartbleed” is affecting millions of SSL-enabled web servers worldwide; estimates are somewhere between 60% and 80% of servers are affected by the deadly bug. It’s the perfect example of a worst-case scenario: Heartbleed gives attackers the ability to reveal your server’s private SSL key by recovering just enough SSL key material.

We’re fortunate to announce that Thycotic has remained completely unaffected by this vulnerability, as our solutions are built on a Microsoft stack that doesn’t use any form of SSL technology. Our customers and partners can rest assured. However, it’s important to let others know what they can do to avoid an attack during this time.

While many tech news and media sites are advising consumers to rapidly change all web passwords that may have been affected by the Heartbleed bug, there’s still a risk for IT administrators, web admins and developers managing servers affected by the vulnerability. Question is… how do you prevent an attack while vulnerable?

Keep servers safe during Heartbleed

Website administrators were advised to patch their OpenSSL libraries on their servers to address the problem. But Heartbleed goes deeper than just patching OpenSSL. OpenSSL includes a general purpose API that software developers can use as part of their software. This is where static linking comes into play.

Static linking. Developers may choose to statically link to OpenSSL. Static linking allows developers to include OpenSSL within their software and it becomes embedded at compile time. Since the OpenSSL library is embedded in the software, upgrading the OpenSSL package on the operating system alone won’t update the OpenSSL version that software programs may have linked to statically.

Update all software, not just SSL. It is highly advisable that all software that makes use of OpenSSL technology be updated. Software vendors that statically link to OpenSSL should release updates for their software immediately by using a patched version of OpenSSL.

Keep clear, steady communications with customers. Make sure that as you’re updating systems and sending patches you’re also communicating these actions with your customers regularly. Consumers are rapidly changing web passwords and scrambling to protect their most valuable, personal data. Clear communications to your customer base (whether consumer or business) will help everyone stay on the same page and mitigate the most risk by using best practices during this time.





Limited time only: Secret Server Express Edition 100 users, 1000 Secrets 5 reasons to switch your password manager

26 03 2014

It’s no secret – managing IT passwords is a major hassle. Spreadsheets are a temporary bandage to a bigger security issue, and simple password vaults don’t scale to meet the real security needs of an IT team.

Security, team sharing and scalability are important points when picking your IT password management tool. With our limited-time offer of Secret Server Express edition with expanded users and Secrets (what we call credentials in the tool), we want to give you 5 reasons to seriously consider switching to the Express edition of our enterprise-class password management tool.

1.) You’re sick of using spreadsheets to manage IT passwords. Spreadsheets are the security bane of any IT team’s existence. With all of the shared credentials stored in a single encrypted spreadsheet, there’s no way to separate accounts out based on team member needs. Plus, once that spreadsheet is hacked you can say goodbye to your network. The eggs have been successfully swiped from the basket.

2.) People are still using “Password” for shared admin credentials. Weak passwords are often the culprit of compromised accounts. Generating strong, complicated passwords adds a layer of protection to managing privileged accounts.

3.) Half of your team writes passwords down on sticky notes. Do we even have to elaborate here? It’s the 21st century…c’mon people!

4.) Our Express edition costs a whopping $10. A year. Yup. We’re not kidding. And if you buy before Friday, April 25, 2014, you lock in expanded users and Secrets (100 users and 1,000 Secrets). Oh, and the yearly fee goes directly to support our community charity partner Reading is Fundamental, the nation’s largest non-profit child literacy organization.

5.) We scale as your security needs grow. Eventually you may need to meet compliance mandates and enforce more complex security practices around managing privileged accounts and identities. When you buy a simple tool, you’ll have to shop around for a more robust solution later on. Express edition scales into any of our enterprise-grade editions swiftly and easily, reducing time and effort in strengthening your security posture – from small business to the enterprise.

So, do you think it’s time to switch? Try Secret Server Express today and let us know what you think.

Express edition offer of 100 users and 1,000 Secrets is good through Friday, April 25, 2014. Purchases made by this date are guaranteed the higher user and Secret limits, even when you renew each year. Purchases after April 25, 2014 will receive the standard 10 users and 100 Secret limits.





Sneak Peek: New Secret Server features only at RSA Conference 2014

20 02 2014

2014 marks Thycotic’s 5th year exhibiting at the RSA cybersecurity conference. RSA is one of the largest gatherings of IT security professionals and analysts in North America. This year, the conference takes place February 24-28th 2014 at the Moscone Center.

RSA Conference 2014

Thycotic to unveil new Secret Server features

We’re excited to demonstrate not-yet-published Secret Server features before they’re officially released at booth 415 during RSA expo hours. Our team will also give demos of our other IT products and are available to answer any questions you have on our products or password management best practices. Product Manager Ben Yoder and CEO Jonathan Cogley will be there, as well as many more of our great team. Look for our 20X20 black and green booth, you can’t miss us!

What to expect from RSA

Informations sessions cover a variety of security hot topics: hackers and threats, governance, risk and compliance, cryptography, data privacy and more. IT security professionals come eager to discover the latest in security technology, debate fiery issues and mingle with the best in breed vendors and industry experts. Oh, and don’t forget the rocking vendor parties that pack the evenings; complete with food, drinks and entertainment of all kinds amidst the backdrop of a lively San Francisco nightlife.

Awesome keynote lineup

RSA 2014 boasts an impressive speaker lineup worth checking out, including Nawaf Bitar of Juniper Networks, Art Gilliland of HP, James Comey of the FBI and a special closing keynote appearance by Stephen Colbert guaranteed to bring some hilarity to the mix.

Thinking about attending? Register for RSA 2014 here.

See you there!

 





SIEM Spotlight: Join us this week for our HP ArcSight Integration webinar

4 02 2014

Yep, you guessed it. We’re going to talk about big data. You’ve probably heard the buzz term a million times this year, but here’s an important question for any IT administrator and management team: What role does big data play in making your organization more secure?

Pairing security information and event management (SIEM) with strong privileged account management and password practices combines the best of both worlds for folks looking to strengthen their internal security posture. Just imagine, you could know when an employee started to view an unusual number of passwords because the SIEM tool immediately alerted your security team, preventing a potential insider threat.

The SIEM market includes several vendors that offer strong, enterprise-class tools for proper SIEM management, and that integrate out of the box with Secret Server.

HP_ArcSight

On Thursday, February 6, join us and HP ArcSight as we take a deeper look into how Secret Server integrates with SIEM tool HP ArcSight and what that means for customers and their security plan. Join the webinar to see:

  • A full demonstration of the integration.
  • Common examples of how SIEM technology pairs with enterprise password management to enhance security.
  • Live question and answer session with both Thycotic and HP ArcSight.

Event details

Integration Spotlight: HP ArcSight and Thycotic.

Thursday February 6, 11:30am EST.

Hosted by: Ben Yoder from Thycotic, and Eric Shou and Morgan DeRodeff from HP.

Interested in learning more? Register for the webinar now.

 

 





2013: A Security Odyssey

31 12 2013

What did 2013 hold for Thycotic Software? New partners, software releases, and other exciting milestones. Join us for our movie themed year-in-review.

This year, in the wake of dozens of newsworthy data breaches, the landscape for IT security broadened with every headline. The importance of securing privileged credentials and managing identity went from a “nice to have” to a “need to have” seemingly overnight. It became more apparent from IT teams across the globe that a spreadsheet was no longer a trusted, secure repository to manage privileged passwords in an organization.

So what did this mean for Thycotic? Keeping a close eye on security trends, we listened to our customers and built the features they requested to solve their most essential use-cases in privileged account management. But that wasn’t all we did.

Here are just a few highlights of what made 2013 a defining year for Thycotic Software.

Let it snow, let it snow? More like, let it grow, let it grow!

Inc. Magazine named us one of the Top 5000 Fastest Growing Companies in the US, and #33 in the top 100 fastest growing companies in DC. We couldn’t be more honored to receive this privilege. Our growth is attributed directly to our fantastic customers and our intelligent, hard-working team.

Lions, Tigers, and Splunk – Oh, My!

This year we announced several great partnerships, ending the year with an official announcement of our partnership with Splunk to release the Secret Server App for Splunk Enterprise. We’re proud of all of our new partnerships, and especially of our rapidly growing technology integration partner program. You can read more about the Splunk integration with Secret Server in our press release.

Come fly with me, let’s fly, let’s fly away.

We broke a personal record at Thycotic by sponsoring over 35 tradeshows across the world in 2013. We’ve presented dozens of keynotes, spotlight sessions, thought leadership interviews and spoke directly with thousands IT security and operations professionals in every major vertical about their security needs. Thanks to our dedicated team who worked round-the-clock to make those events a major success.

Release the kracken!

This year we’ve had several exciting releases to our products Secret Server, Password Reset Server and Group Management Server based on direct requests from our customers.

For Secret Server, some notable new features are: SAP support for natively changing passwords on SAP accounts; expanded API to increase automation in scripting; Custom Columns for a more tailored dashboard view; Website Password Changing to automatically change passwords for Windows LIVE, Google and Amazon accounts; SAML Support for increased security and single-sign on convenience; and Improved Discovery for Scheduled Tasks and Application Pools, now discoverable by Secret Server.

Other new product features are Active Directory Attribute Integration to let employees easily update their own AD information with Password Reset Server, and Group Renewal for Group Management Server to remind Active Directory group managers to double check their group membership from time to time.

So what’s next for 2014?

We think that 2014 will trump this year in success stories, growth, partnerships and products. We hope you join us every step of the way. Join us on LinkedIn and Twitter for the latest news in cybersecurity and be sure to stop by our booth at RSA 2014 in San Francisco as we kick off another thrilling year in IT security.  Also Thycotic is hiring, join the Thycotic team – read these great Thycotic reviews and see the latest Thycotic videos.





Announcing Our Official Technology Alliance with Splunk

3 12 2013

In the past we have discussed the benefits of using a security information and event management (SIEM) solution, not only as a compliance tool, but also for protecting against potential threats in real time.

We are excited to announce our official technology alliance with Splunk to release Secret Server for Splunk Enterprise, giving administrators deep insight into the use of privileged accounts, providing better visibility for compliance standards and detection of internal network threats.

Getting the app is simple. While logged into the Splunk interface, navigate to “apps” and search for Secret Server. Once installed, you can use the app to automatically start pulling information from the Secret Server sysLog. Make sure you have Secret Server installed and running before using the app.

Splunk1

Using Secret Server with a SIEM tool such as Splunk allows administrators to gain a clear picture of what is going on throughout their network. The app can be used to filter out key events from the Secret Server sysLog using the Event Search feature. This allows easy retrieval of information from real time events, such as when users are launching sessions, accessing reports, checking out Secrets, or when Unlimited Administrator mode is turned on.

Splunk2

In addition, the app allows you to access and create robust reports directly in the Splunk interface.

Splunk3

Want to learn more? Download Secret Server for Splunk Enterprise today!





3 Ways Secret Server will Enhance your Identity Access Management Strategy

19 11 2013

It’s important to have an Identity Access Management (IAM) strategy, whether you are trying to meet a compliance standard such as PCI, SOXS or FIPS, or you just want accountability for what is going on throughout your network. Secret Server has many ways that it can help administrators accomplish this. In this article, we will be going over three different features that will help establish your IAM strategy.

1. Role-based access:

With roles, administrators can delegate permission and access to appropriate information quickly and easily. Integrating Secret Server with Active Directory will enable you to assign roles automatically based on existing Active Directory groups. This ensures that users only see information that is necessary for them to complete their work, without exposing excess data.

Image

2. Audits and Reporting:

Every time a user has any interaction with a Secret, an audit is created to record: (1) the action, (2) the person and (3) the exact time the action occurred. Using the audit information, administrators are able to see exactly what users are doing within the system. For example, they can tell how Secrets are shared between users, Secrets with the most views, and which users are not logging into the system at all.

Image

3. Session Recording:

Secret Server can record everything that occurs during a session. By using the recording launcher, Secret Server takes a screenshot every second and then compiles the images into a movie that is saved on the audit log. This is great for your most critical machines, where you want to know exactly what is going on when a user is logged in. Now, should anything go wrong on these servers, it is easy to retrieve the recording from Secret Server and view exactly what occurred, increasing the speed at which the issue can be resolved.

Using these three features will put you on track to creating a complete Identity and Access Management strategy in which your team may become more productive and secure.

Image

Image

If you are in Los Angeles this week for the Gartner IAM conference, stop by our booth # 210 or join us tonight at 5:45 PM PST for a drink in our “Made in DC” hospitality suite.





Don’t miss our monthly webinars!

5 11 2013

Every month, Thycotic hosts a webinar to explore new features, technical integrations and best practices. Last week we discussed a fairly new feature added to Secret Server version 8.3, which has expanded the list of web password changers. Secret Server can now change passwords on Windows Live, Google and Amazon accounts. This means you can now manage your Office 365, Google Apps and Amazon Web Services through Secret Server. These sites are just the beginning of web password changing for Secret Server. If you missed the live webinar, you can watch a recorded version here.

We have several upcoming webinars, including a feature deep-dive and tech integration case study.

Sign up now to get them on your calendar!

Learn how America First Increased Security through Authenticated QualysGuard Scanning with Secret Server

November 5, 2013 at 1:00 pm EST.

Do you have a full understanding of your network security, from both external and internal threats? Performing authenticated scanning for internal threats while keeping credentials locked-down on premises can greatly mitigate security risk. Find out how America First, a national credit union, implemented secure authenticated scans with Secret Server.

Register here for the Qualys Authenticated Scanning webinar

Thycotic Software Introduces- Password Reset Server

November 14, 2013 at 11:30 am EST.

Learn how Thycotic can help solve your end-user AD password rests. Password Reset Server is an AD self-service reset tool that helps reduce your help desk calls.

Register here for the Password Reset Server webinar

For the latest security news and Thycotic product updates, follow us on LinkedIn!





Integration Spotlight – Secret Server and Devolutions Remote Desktop Manager

17 09 2013

 

In this week’s webinar we will be diving into the integration of Devolutions Remote Desktop Manager and Secret Server. Since the software integration in 2011, users have been securing their credentials through Secret Server and remote connections using Remote Desktop Manager after several client requests. Since then, administrators have been able to use both solutions for greater convenience and added security.

Using Secret Server, you can securely store and audit access your login credentials. With Remote Desktop Manager, you can centralize your remote connections that use programs such as Remote Desktop, PuTTy, Team Viewer, and more. With the integration of Secret Server, Remote Desktop Manager seamlessly retrieves the login credentials from your Secret Server account. Using these two programs in conjunction with each other provides your company with a secure, centralized way to store, manage, and utilize your credentials for remote connections.

Join product managers Ben Yoder, Thycotic Software, and Maurice Côté, Devolutions, as they demonstrate the features and benefits of both solutions this Thursday September 19th at 11:30 AM EST. Be sure to register today!





SOX Compliance on external systems using PowerShell scripts in Secret Server

25 02 2013

A critical component of many compliance mandates such as SOX, HIPAA, and PCI is guaranteeing that user activity is audited.  Secret Server maintains an internal audit trail for user actions and access to shared privileged accounts, but it doesn’t necessarily guarantee that external systems maintain their own audits.  After several customer requests, Secret Server  can now be configured to audit external systems through custom PowerShell scripting to enhance auditing when a privileged account is used on an external system.

For example, we can look at Microsoft SQL Server’s auditing. How can an Administrator ensure that auditing of an account is in place when that privileged account is used?

Secret Server can be used to combine custom PowerShell scripts with its one time password (OTP) feature called CheckOut.  This allows a user to access a password from the repository but Secret Server will change it to a new random password afterwards.  Administrators can also upload PowerShell scripts to Secret Server and set them to run before an account is checked out, and after it is checked back in.  This can be used to ensure that various compliance actions occur before or after a password is used.

In the below example I’ve created a Secret for an account with access to the AdventureWorks database, and set up an Audit Specification in Microsoft SQL Server.

Image

In Secret Server I can now safeguard that the auditing I’ve set up for SOX, PCI, or HIPAA compliance is enabled whenever a user accesses the database with the AdventureWorksAdmin user.

On the Secret for the AdventureWorksAdmin user, I’ve enabled CheckOut.  Now when a user accesses the account the password will be changed once they are finished.  Next I uploaded a PowerShell script that ensures the Audit Specification is enabled on AdventureWorks, and set it to run before the Secret is Checked Out to the user.

Image

This Hook guarantees that auditing is turned on by preventing CheckOut if the PowerShell script fails.  If for any reason the script can’t ensure that the compliance auditing is enabled, then it will return an error and the user won’t be granted access the AdventureWorksAdmin SQL Account.  The CheckOut feature will also change the password after the user is finished with the Secret, so users are forced to go through Secret Server to access the privileged account.  This now provides named user audits in Secret Server that are tied to a specific shared account, and Microsoft SQL Server is guaranteed to maintain its own auditing whenever that account is used.

Ben Yoder is the Product Owner for Secret Server – you can find him at the Thycotic booth (#2644) at the RSA Conference in San Francisco this week.  Stop by to chat to Ben about SOX, PowerShell scripting or other cool stuff.








Follow

Get every new post delivered to your Inbox.

Join 30 other followers