Audit privileged access to Microsoft Online Services
Posted on 09 July 2013.
Xceedium announced Xsuite will include protection for Office 365, Exchange, Lync, and SharePoint. The additional protection for Microsoft online services complements Xsuite’s existing hybrid-cloud security and compliance capabilities.

Xsuite federates privileged access and provides secure single sign-on to web applications and IT infrastructure running on premise or in the cloud. It enables organizations to enforce access controls and to monitor, record, and audit what privileged users do.

The product enables federal government and commercial customers to comply with new “insider threat” requirements found in security and privacy mandates such as FISMA, PCI-DSS, and NERC-CIP.

Xsuite for Microsoft Online Services highlights:
  • Multi-factor authentication for all access to Microsoft online services – including logical (PIV/CAC) smartcard access to federal agency systems as required under HSPD-12
  • Separation of duties for administrative access to Microsoft online services (Office 365, Exchange, Lync, and SharePoint)
  • Single sign-on to Microsoft online services using federated Active Directory or LDAP credentials – including SSO access from multiple clients (Windows, Mac, Unix)
  • Recording of privileged user sessions – for comprehensive audit and forensics and to simplify compliance with Federal Government Continuous Monitoring mandates
  • Enforce and proxy privileged access to Microsoft online services through a US Federal Government Trusted Internet Connection (TIC)
  • Address dozens of new systems administrator control requirements found in the recently updated NIST Special Publication 800-53 (R4)
Susie Adams, CTO, Microsoft Federal comments: “Microsoft’s Federal government customers continue to extend their enterprises into the cloud, taking advantage of the cost savings, productivity and flexibility presented by Office 365 and our other online services. Working with partners like Xceedium will help to ensure that there are solutions like Xsuite for customers who seek to enable a consistent user experience across all applications in a hybrid-cloud environment.”


Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Jul 29th