Category: All

Our CyberArk Champion

Every month our partner CyberArk calls out a Champion for their Champions portal. The Champions portal is a place for the community of CyberArk. We are proud to announce that our colleague, Jeroen, has won the prestigious title; May Champion.

Jeroen joined the program in July 2018 during the Berlin Impact event and is currently working toward his Certified Delivery Engineer certification. He was also recently involved with a POC with CyberArk Conjur. In the short time Jeroen joined the community, he showed his brilliance and hospitality towards CyberArk’s Champions portal.

As CyberArk put it:

When we put out a request for things to do and see in Amsterdam (the location of this year’s European Impact), our Netherlands-based May Champion of the month came back to us with a wealth of information we could quite literally cut and paste to share with attendees.

That cooperative spirit sees this Champion frequently contributing in Discussions with detailed and timely responses. Our May Champion is a Security Engineer and has been working with CyberArk for about two years. Our May Champion works at SecurIT B.V. a solutions provider which specializes in Identity & Access Management projects throughout Europe and North America.

CyberArk is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure, and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders.


FIDO2 is on the rise

The Passwordless web is coming

The FIDO alliance is now one of the most influential cross-industry alliance. It launched its FIDO UAF and U2F standard in 2014, recently the FIDO2 specification.

Yubico helped to create FIDO2 to extend the FIDO standard beyond external security keys to include new built-in fingerprint readers and facial recognition technologies.

The promise is to have a solution for MFA that does not need drivers or software to be installed on systems, protection against man in the middle attacks and that the need for passwords are coming to an end. All of this with a low operational support cost and portable everywhere – used for corporate login but also as a consumer.

In this authentication landscape, the YubiKey takes on the important role of a root of trust. As users move between different platforms and computing devices, having this portable root of trust is essential for enabling rapid bootstrapping on new devices and for recovering when devices are lost, stolen or replaced.

Many companies are embracing this technology which led to the recent announcements that Microsoft supports with the latest Windows 10 Windows Hello and Edge. Also Google turned Android 7+ Phones into FIDO2 devices and +500 companies are certified, also Yubico’s newest security keys support FIDO2 for a while.

Join us in this webinar where we will present and demonstrate:

  • The opportunity for companies using FIDO2 for MFA
  • How consumers can benefit
  • How you can enable FIDO2 support for your web and mobile applications
  • What the concern and limitations are
  • The YubiKey, the portable root of trust
  • The impact of enabling FIDO2 support
  • Integration with legacy systems

Practical information

When: 20 June 2019
Where: Webinar
How late: 15:00 CET (not GMT!!)


About SecurIT

Founded in 1999, SecurIT has over 18 years of extensive experience of designing, implementing, maintaining large Identity Management/Governance infrastructures. With more than 30 specialists permanently employed in the Netherlands SecurIT offers its customers high quality consultancy, implementation, management and support services (24*7). 


SecurIT has appointed a new Chief Operating Officer (COO) and President of SecurIT

The CEO of SecurIT, Rob Bus, announced that the company’s current General Manager/Vice President of North America Kent McKown was promoted to the position of Chief Operating Officer (COO) and President of SecurIT effective the 1st of May.

Previously, Kent has played a vital role in the recent acquisition of PSG and the follow-on integration into SecurIT. In his new role, Kent will focus on the day-to-day operation on both continents working with the VP/General Manager in Europe, Ricardo Kowsoleea, and the VP Global Business Development, Terrah Carawan.

Regarding the appointment, SecurIT CEO Rob Bus said: “Kent’s appointment will further allow me to focus on the strategic direction of the company, key clients, partnerships and strategic alliances and investor relations. Kent will specifically focus on the development and execution of the business plan; working with the leadership team to ensure cohesiveness, traction and values alignment throughout the global organization. Kent and I will also work collaboratively on all leadership and strategic matters of SecurIT.”

Before his most recent position, Kent has led five growth companies as CEO/COO/President. Kent was responsible for clarifying vision and setting the strategic direction to ensure the consistent profit growth and risk reduction; developing a reliable leadership team with the right mix of abilities that shared similar values; and creating visibility of critical measurements to ensure traction, cadence, and accountability. Kent’s past successes have been primarily a result of an organization consistent of a committed team with shared values with a sincere desire to grow themselves and their clients. Significant growth in profits and revenue were a result of these significant achieved initiatives.

Kent earned a Bachelor of Arts from the Citadel and a Bachelor of Business Administration – from National University. He previously served as a commissioned officer in the United States Marine Corps and resigned his commission as a Captain in 1992.

SecurIT Is a global cybersecurity company focused on designing, implementing, and maintaining large Identity & Access Management / Governance infrastructures. We operate in Europe and North America.

The company always strive to provide the best service and IAM solutions for our customers. SecurIT offers its customers high-quality consultancy, solutions, and support services (24/7).

Kent McKown


Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness

Your security infrastructure is there to protect your organization from malicious threats. That much is obvious, but what happens when a user’s credentials are compromised and threat actors access your systems? This could expose your company to a data breach and all the reputational damage, operational downtime and financial costs that come with it.

But all access is not created equal. What would happen to your organization if one of your privileged users had their identity compromised? Privileged account management (PAM) helps protect against the most dangerous data breaches because it enables you to closely monitor your most sensitive accounts.

Protecting Your Privileged Users Is Paramount

The majority of security breaches involve the compromise of user and privileged accounts via attack vectors such as phishing, malware, and other means. Once the attacker establishes a foothold in the network, the next step is to find and hijack a privileged account, enabling the actor to move laterally across the network while appearing as a legitimate user.

At this point, the malicious activity can begin. Attackers often search compromised networks for valuable data such as personally identifiable information (PII), intellectual property and financial data. Such sensitive information enables threat actors to commit financial fraud as well as other crimes.

The bottom line is that protecting critical data means protecting your most valuable users. That’s why Gartner recognized privileged account management in its “Top 10 Security Projects for 2019,” along with detection and response, cloud security posture management, business email compromise, and more. The research firm also placed PAM on its 2018 list.

Further demonstrating the criticality of PAM is a Centrify survey that revealed 74 percent of data breaches involve unauthorized access to a privileged account. If privileged access is the most fruitful point of attack for cybercriminals, why are so many companies still not taking even basic steps to prevent this abuse?

For the full article please visit the following link.

Source: Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness


TrustBuilder’s latest update enables enhanced identity and access management for Docker and adds new features to support GDPR compliance

TrustBuilder Corporation, the leading IT security solution company for Identity and Access Management, has updated its flagship application, the TrustBuilder Identity Hub (TrustBuilder IDHub) – a state-of-the-art identity and access management tool. The new version introduces wider support across a range of applications and services including the world’s leading enterprise container platform, Docker, new functionality to support GDPR compliance, and a new, integrated workflow.

TrustBuilder ID Hub is a highly effective, user-friendly and trustworthy Identity and Access Management (IAM) tool that combines attribute-based access control with cloud identity and access management. It can deal with both on-premise and cloud applications while catering for pre-defined users and those who want to use their own identity.

Marc Vanmaele, CEO of TrustBuilder said:

“While an increasing number of organizations throughout Europe begin to take advantage of the agility and flexibility that cloud and third party services offer, it is becoming more complex to manage customer identity and user access. Applications or services can be made up of multiple elements, and can be accessed by users on a number of devices.

“The latest version of TrustBuilder IDHub will help reduce the incidences of inappropriate access to cloud resources, while offering simple, flexible and effective identity and access management across our customers’ applications and services.”

Scaling Access Permissions Simply and Centrally with Docker
Docker offers enterprises flexibility with the ability to deploy applications on-demand, but it has also introduced layers of complexity. While a number of practices can be applied, Docker and container managers like Kubernetes and Openshift require a centralized and consistent approach to security. By extending support to Docker, TrustBuilder will enable organizations to control access permissions
centrally and scale identity and access management to millions of users.

Supporting GDPR Compliance
The latest version of TrustBuilder IDHub and TrustBuilder for mobile introduces tools specifically designed to ease GDPR compliance by enabling corporations to gather, record, and manage customer consent.
When a user tries to log onto a company’s application that is protected by TrustBuilder IDHub, they will now be invited to have their data recorded and tracked in line with GDPR. This will also be extended to proxied apps, while the new version adds support to manage Mobile or Web API applications.

For simple reporting, TrustBuilder IDHub will now generate events that can be used to simplify auditing and reporting on compliance. These group together user activity such as authentication, authorization, log-out and session updates, and will be available to extract via a selectable workflow which can process and store these auditing events. This will make data more accessible for auditing, and easier
to interpret within user analytics activities.

Transaction Signing with TrustBuilder for Mobile
The new version introduces Transaction Signing for TrustBuilder for Mobile, the simple, secure application that enables users to authenticate their identity via a mobile device. An increasing number of mobile banking transactions require an additional authorisation factor to ensure security. While Transaction Signing is well established, its use is set to increase as banks and financial institutions prepare for the EU’s Payment Services Directive 2 (PSD2), which will enforce strong customer authentication for certain transactions from September 2019. The latest version enables users to manage Transaction Signing through the platform.

TrustBuilder Identity Hub version 9.4 also introduces:

  • Improved Workflow Designer
    TrustBuilder IDHub has been designed to offer customers a simple, secure login experience. This new version extends this user friendliness to the administrators, featuring major improvements to integrated workflow design that will make TrustBuilder IDHub more intuitive and easy to use.
  • New Graphical Interface
    This new version is subject to a graphical update to the user interface. This update will improve the overall look and feel of TrustBuilder IDHub, and integrate the improved Workflow Designer into the Administrator’s portal.

Source Trustbuilder


The Dangers Within – Your Key to Better Insider Threat Detection

Privileged Access: How Insiders Cause Damage

At least 60 percent of organisations allow third-party vendors to remotely access their internal networks, and just like employees, these external users can turn into exploited, unintentional and malicious insiders. Yet, these users are not managed by your organisation, which makes it difficult to secure and control their privileged access to your resources.

According to a recent survey by the Ponemon Institute, 49 percent of respondents admitted that their organisation has already experienced a data breach caused by a third-party vendor, and 73 percent see the problem increasing.

This white paper uncovers common misconceptions about insider threats, and provides new insight to help organisations better protect against these costly attacks. Read this eBook to learn the who, what, why and how of the insider threat to expose risks you may not be considering and gain guidance to help you prevent and detect these attacks.

Get your white paper here


About SecurIT

Founded in 1999, SecurIT has over 18 years of extensive experience of designing, implementing, maintaining large Identity Management/Governance infrastructures. With more than 30 specialists permanently employed in the Netherlands SecurIT offers its customers high quality consultancy, implementation, management and support services (24*7). 


IBM SECURITY ACCESS MANAGER (ISAM) UPDATE SESSION ON MARCH 26th

ISAM: where we are today, and where we are heading to

On March 26th, we are holding an IBM Security Access Manager (ISAM) Session at the IBM headquarters in Amsterdam. 

Come and learn about all the exciting additions and exciting roadmap. At the same time, you can meet your peer users and learn about their experiences. Items we will cover in this session are:

  • ISAM: where we are today, and where we are heading to
  • ISAM & FIDO2
  • The role of ISAM for API protection
  • How to consume MFA from the cloud with ISAM
  • Cloud Identity to enable your VPN with MFA (RADIUS)
  • “Remember me” for Consumers with ISAM

Other candidate topics are Login password free via QR codes, Cloud Identity & integration with Microsoft, Governance from the cloud, Customer use cases and lessons learned and many more. 

A detailed agenda will follow closer to the event, but we can assure you it will be exciting and valuable. 

Feel free to forward to anyone you believe might find this invitation relevant! 

Register today!

Practical information

When: March 26th, 2019
Where: IBM Headquarters in Amsterdam
How late: 08.00 am – 16.00 pm


About SecurIT

Founded in 1999, SecurIT has over 18 years of extensive experience of designing, implementing, maintaining large Identity Management/Governance infrastructures. With more than 30 specialists permanently employed in the Netherlands SecurIT offers its customers high quality consultancy, implementation, management and support services (24*7). 


GDPR The journey to value

Creating a sustainable, governed data asset for GDPR and beyond

With the introduction of the General Data Protection Regulation (GDPR) and its enforcement from 25th May 2018, a new balance will be created between commercial interests and consumer rights around personal and sensitive data. All individuals possess personal data which needs to be shared with organisations – customers during transactions, employees at work, business partners under contract. Engaging positively and responsibly with these data subjects is the intended outcome of the Regulation and will ensure business is sustainable as well as capable of continued innovation.In the run-up to this new environment, much will be done to educate individuals about their new rights and the need for businesses to process their data. At the moment, awareness is low – just 10 per cent of consumers surveyed said they are fully aware of GDPR (Source: 'GDPR Impact 2017', DataIQ commissioned survey of 1,001 UK consumers conducted by Research Now, February 2017). But just as data security has become a mainstream issue, so will data protection. The difference is in the opportunity for demonstrating the upside of data sharing, rather than defending against the downsides of data breaches.Download the whitepaper to help you develop your GDPR readiness program.IBM can assist you with your GDPR readiness programme through a full end-to-end solution.


Get your whitepaper here


About SecurIT

Founded in 1999, SecurIT has over 18 years of extensive experience of designing, implementing, maintaining large Identity Management/Governance infrastructures. With more than 30 specialists permanently employed in the Netherlands SecurIT offers its customers high quality consultancy, implementation, management and support services (24*7). 


FUTURE-PROOF YOUR IAM

Need strong security? Go silent.

A strong security posture and a positive digital experience don't have to be mutually exclusive. You can achieve both with the silent, nonintrusive security of IBM identity and access management (IAM). This approach to IAM isn't hidden away—far from it. Silent security connects users, applications, and ultimately people to the information and applications they need—only standing in the way when it detects bad actors.Providing users access to the right applications and tools, at the right time, and for the right purposes must be done while offering customers a delightful experience. You need to make sure you are protecting information from theft and meeting ever-stricter regulatory requirements. Your IAM solution is integral to achieving these goals, yet it works best when your users don't even know it's there.IAM works best when users don’t even know it’s there.


Get your whitepaper here


About SecurIT

Founded in 1999, SecurIT has over 18 years of extensive experience of designing, implementing, maintaining large Identity Management/Governance infrastructures. With more than 30 specialists permanently employed in the Netherlands SecurIT offers its customers high quality consultancy, implementation, management and support services (24*7). 


SecurIT Europe: Our 2018 in review

2018 was a beautiful year for SecurIT in Europe.

  • We realized an 18% growth within our European resource pool 
  • Our innovation power was proven by completing over thirty certification pathways. 
  • With over 90 successful projects, we substantially extended our customer base. 
  • 2 new partnerships were added to our portfolio with market leader vendors in the Identity and Access Management (IAM) space: Okta and Omada 
  • Last but not least, we went global in 2018 by acquiring U.S. based Palmetto Security Group in Greenville, South Carolina almost doubling our staff and our services across the ocean 

Hard work pays off they say, by the end of 2018 SecurIT was ranked 2nd in the category security and 73rd overall in the MT1000, the most extensive survey among business decision makers on the quality and popularity of business service providers in the Netherlands.  

All of the above are exciting reasons for us to look back on a successful 2018!!  

Our growth  
18% growth of our resource pool 

Completed over thirty certification pathways 

New partnerships with Okta and Omada 

Project delivery  
Extension of customer base 

Delivered over 90 successful projects 

Going global  
Acquired U.S. based company, Palmetto Security Group