Elemental Cyber Security Blog Articles:
by: Jacob Perry
ESP secures your VDI (Virtual Desktop Infrastructure)
The case for Improving Security for Remote Workers
There is an influx of work from home employees due to Covid-19 and some organizations have decided it to be more cost-effective to work 100% from home moving forward. Working from home increases exposure to cyber risks. Two common solutions being leveraged are Remote Desktop Services (RDS) and Virtual Desktop Infrastructure (VDI). These solutions come with severa...
by: Elena Garrett
Elemental Micro-Segmentation vs. Traditional Network Segmentation
What is network micro-segmentation? How is it different from what most companies do now? How does micro-segmentation affect network security? Let's explore!
Micro-segmentation in cyber security
Most companies today use network-dependent segmentation. A traditional approach to network security was built around a strong network perimeter defense and utilized concepts like subnets, ports, protocols, a...
by: Elena Garrett
TLS security assurance and audit preparation with ESP
From SSL to TLS
The migration from SSL /Early TLS to TLS 1.2 and 1.3 is currently underway. The PCI Security Standards Council made the requirement for the migration official in PCI DSS v3.2.1. Microsoft announced the end of support for TLS1.0 and 1.1 in Office 365 as of October 31, 2018. Services like DigiCert, ZenDesk, and Salesforce have pulled support for those protocols during 2018, as well. Chrome, Edge, IE, F...
by: Elena Garrett
ESP Dynamic Security Grouping
Dynamic Security Grouping is the automated process by which the Elemental Security Platform (ESP) manages the membership of host groups, and it is one of the key functionalities of ESP. ESP collects a variety of information about managed hosts, and transforms this information into potential "group parameters." These parameters can be mixed and matched to create very broad or very granular host group definitions. Here are some examples of cust...
by: Elena Garrett
Augmenting your patch management strategy
According to Microsoft Security Report 2017, hackers and malicious intruders know that nearly all organizations are vulnerable, and often first reach for the lowest-hanging fruit: exploitable weaknesses in legitimate applications. Nearly 21 thousand vulnerabilities for wired and wireless devices were identified in 2017 alone, and a large number of them will trigger a patch of some soft to be issued. With so many vulnerabilities ...
by: Elena Garrett
Compliance in the Age of Limited Resources
The case for Security Compliance Automation
The number and complexity of the compliance standards that organizations are expected to meet continue to grow. At the same time, these organizations are finding themselves faced with an acute shortage of trained cyber security and compliance professionals. As more and more processes interact with the sensitive data and fall into the scope of compliance, the shortage of security...
by: Elena Garrett
Elemental RSC 80/20 - solving the risk, security, and compliance dilemma
The Elemental RSC (Risk, Security, Compliance) approach aligns cyber Risk (R), Security (S), and Compliance (C) controls into a single workflow. It can be used to improve cyber security, reduce risks, and achieve compliance using a set of strategic, resource-conscious project cycles. Each cycle focuses on identifying and remediating 20% of issues that account for 80% of cyber risk within the organ...