Out-of-the-box policies can protect customers from the most common privileged access exploits on workstations

Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced the latest release of Privilege Manager, its solution for providing privilege elevation controls for users and applications on workstations. The latest enhancements significantly improve ease of use for customers by preconfiguring five of the most common privilege elevation policies through the Workstation Policy Framework to simplify implementation and accelerate time to value.

The 2023 Verizon Data Breach Investigations Report found that phishing makes up 44% of all social engineering incidents. According to the U.S. Cybersecurity & Infrastructure Security Agency, 70% of attached files or links containing malware were not blocked by network border protection services, and 84% of employees took the bait within 10 minutes of receiving a malicious email. Using this method of attack, bad actors compromise the endpoint, elevate privileges, and move laterally within the network to find data and exfiltrate it.

Without the appropriate privileged access controls in place on workstations, organizations are susceptible to phishing, even with other security solutions in place. Privilege elevation policies must be set for users and applications to better protect against malware that could be delivered through phishing scams.

Simplified workstation privileged access policies lead to better security and less friction

Privilege Manager enforces just-enough privileges to support approved business activities while blocking or restricting privileges that malware could exploit. This approach reduces friction and enables productivity while simultaneously optimizing security.

Based on Delinea's deep expertise and customer feedback, the new Workstation Policy Framework includes five of the most common policies to help customers quickly build a foundation for privileged access controls and create a baseline of security on Windows and Mac workstations without disrupting user productivity. Existing customers can compare their policies with the framework and introduce those that may be missing in their environments.

The five preconfigured policies included are:

1. Malware Attack Protection  
   This policy prevents Living Off the Land Binaries and Scripts (LOLBAS) attacks from being executed by commonly exploited parent applications. LOLBAS is a method of attack that misuses tools and executables that are already in place because they are part of the Operating System.
2. Allow Microsoft Signed Security Catalog   
   This policy allows Microsoft-signed security catalog application installers to run. It can be combined with blocklist policies to prevent legitimate Operating System applications from being blocked.  
3. Software Development Tools
   This policy targets common software development solution system processes, including child processes, and minimizes delays caused by requesting privilege elevation.
4. Visual Studio Installers
   This policy pre-approves and silently elevates four defined Microsoft Visual Studio installers.  
5. Capture Application Elevation Attempts                                                                                                         
   This policy targets non-Microsoft applications that trigger a UAC prompt and sends policy feedback to evaluate policy adjustments that can allow, elevate, or block applications.

Effective protection against malicious code impacts developers and IT administrative tools 

Another major enhancement in this release provides granular control over the ability to add, modify or delete users on workstations through PowerShell, even in PowerShell sessions with fully elevated privileges. This reduces the risk of developers and IT administrators abusing PowerShell's capabilities and can lessen the impact of malicious code and ransomware. Such granular control of add, modify, and delete operations also significantly reduces the risk of lateral movement by a bad actor.

"Security solutions are only valuable if they are usable and don't compromise business productivity," said Dmitriy Ayrapetov, Vice President of Product Management at Delinea. "Our mission is to make security seamless and with this release of Privilege Manager, which leverages customer feedback, users can enjoy easier policy management, better security, and less friction for an accelerated time to value of our solution."

Additional updates in this release include the flexibility to allow workstation users to control firewall settings and accessibility improvements in the user interface.

Conversational intelligence empowers health insurance companies to gain insights, improve member retention as October AEP quickly approaches

Authenticx, the new standard in healthcare for listening to customer voices at scale, is providing AI-driven conversational intelligence solutions to the health insurance industry. With the Medicare Advantage (MA) annual open enrollment period (AEP) opening in October, health insurance organizations need additional strategies to grow membership and retain revenue.

"A smooth customer experience is paramount, especially during AEP," said Amy Brown, founder and CEO of Authenticx. "Insurance company call centers field a higher influx of calls at this time because many members struggle to understand the nuances of Medicare plans or have questions about the annual notice of changes (ANOC). When they receive the ANOC, many customers feel frustrated with communication or isolated in navigating their benefits and may consider disenrolling from their existing plan if they can't get help."

The MA program empowers individual members to make and change plan selections by supporting an annual open enrollment period. It's a high-risk/high-reward approach offering insurance organizations a significant opportunity to increase their membership if they're well-prepared.

Authenticx technology enables these organizations to identify drivers of negative member perceptions about their MA plans by using AI to analyze the recorded Member Services conversations and surface signs of attrition. Additionally, the platform can create and analyze call montages using specific keywords to identify and resolve pain points, reduce membership churn and uncover opportunities for improving agent performance.

Use Cases: Authenticx in Action
Authenticx leverages the Eddy Effect™, a proprietary machine learning model that identifies where customers become stuck in a frustrating loop of obstacles disrupting their ideal experience, as a key CX metric and driver of customer friction.

Health insurance companies can use Authenticx's Eddy Effect metric and dashboard to pinpoint disruption by monitoring critical metrics, including call length, repeat callers, agent quality, estimated wasted spend for preventable calls, customer sentiment and more. The platform's dashboard generates actionable, comprehensive reporting from a single set of insights.

Last year, leaders from one health maintenance organization (HMO) wanted insight into why more leads didn't opt into its Medicare Advantage Plan. The insights from this study empowered the HMO to strengthen its agent-customer relationship by providing additional agent training to clearly explain brand value differentiators between the company's Medicare Advantage Plan and those of its competitors.

After partnering with Authenticx, companies saw the following ROI:

• One client reduced member churn signals from 45% to 14% in four months
• Another MA plan increased its net new member growth by over 85%

Insights and Planning for the Future
Authenticx offers solutions specifically tailored for this enrollment period, empowering health insurance companies to listen not just for negative feedback and brand detractors but also for brand values to use in their marketing messaging — ensuring companies provide what's needed to secure customer retention.

The functionality of Authenticx's solution also enables companies to compare AEP data year-over-year, understand and compare seasonal trends, and anticipate what teams need to know before the next AEP opens.

To learn more about how Authenticx helps Medicare payers and other health insurance organizations improve the customer journey, visit Authenticx.com.

Swantide today announced Corduroy, a new AI-powered assistant that makes it faster and easier than ever to manage complex CRM implementations, enhancements, and changes. With this new tool, users can search for the exact problem they are trying to solve and Corduroy will show them how to build this requirement into their CRM -- without any technical skills needed. Now, customers can not only deploy complex processes in just a few clicks, but also discover what needs to be built to meet their business' goals.

"By leveraging AI, Swantide can accelerate its roadmap and offer even more value to customers, no matter their experience level or revenue operations knowledge," said Taylor Lint, Founder and CEO of Swantide. "We serve all customer skill sets, and this tool makes it easier for our less-technical users to manage changes to their system, learn best practices about revenue operations, and deliver process improvements in a fraction of the time." 

Corduroy is the first of many AI features Swantide is building to support the management of the GTM tech stack.

BigID builds a Connected App, Powered by Snowflake, to Increase Data Security for All Data, Everywhere

 BigID, the leading platform for data security, privacy, compliance, and governance, today announced at Snowflake's annual user conference, Snowflake Summit 2023, the launch of its privacy and security connected application, Powered by Snowflake. The connected application enables customers to accelerate security analytics within the Snowflake Data Cloud for faster data risk identification and mitigation.

"Analyzing the findings from BigID Security, Privacy, Compliance, and Governance in Snowflake gives customers a deeper understanding of their data to quickly take action to reduce risk for all data, including both structured and unstructured data," said Nimrod Vax, Co-founder and Chief Product Officer at BigID. "We are delighted to announce the availability of our connected app on the Snowflake Data Cloud. Joint customers can benefit from the power of BigID's data discovery and classification combined with the speed and scale of Snowflake's single, integrated platform to accelerate value from their security analytics."

BigID automatically classifies data and applies policies to identify sensitive data across a customer's entire data landscape that is subject to security and/or privacy regulations such as CCPA or GDPR.  Powered by Snowflake allows BigID to enable customers to leverage the Snowflake Data Cloud to run security analytics with BigID metadata to deliver advanced insight and protection of their data.

"Data security is essential and the security data lake is the future of security operations," said Omer Singer, Head of Cybersecurity Strategy, Snowflake. "Customers analyzing BigID results on Snowflake can now easily combine data discovery and classification insights with logs and alerts from other security tools, resulting in more holistic and effective threat detection and response."

Nativo, the storytelling platform where brands ignite the power of connection through content and insights, today announced it won two awards from workplace culture company Comparably. The recognitions awarded by Comparably include Best Leadership Teams and Best Companies for Career Growth.

"At Nativo, we take tremendous pride in our commitment to exceptional leadership and unwavering dedication to fostering career growth opportunities for our people. What sets this recognition apart is that it's based on the authentic experiences of our valued team members," said Mark Putrus, Chief People Officer at Nativo.

Comparably Awards are derived from sentiment ratings anonymously provided by employees about their workplaces in multiple categories on Comparably.com during a 12-month period. Out of tens of thousands considered, Nativo ranked #58 in Leadership Teams and #49 in Best Companies for Career Growth. These rankings consider companies nationwide for small to mid-sized companies with fewer than 500 employees. The final data set was compiled from 15 million ratings across 70,000 U.S. companies, large and small.

"We remain steadfast in our commitment to cultivating a people-first, values-driven culture where transparency, reciprocal feedback, and inclusion thrive. By providing a supportive environment, we empower our exceptionally talented team members to unleash their full potential, propelling not only their individual professional growth but also the overall success of the business," emphasized Putrus.‍

TrustLogix, a leader in cloud-native data security, today announced at Snowflake's annual user conference, Snowflake Summit 2023, new product capabilities for Snowflake data access and sharing, significant customer growth, and independent validation of its patent-pending and secure cloud-native data security platform. Highlights include:

• Increase in its customer base across industries including financial services, insurance, consumer retail, and technology
• Independent analyst validation of TrustLogix as a leading innovator
• New product capabilities that further enhance customers' ability to secure Snowflake data at scale
• Achieving SOC2 Type 2 compliance.
• Continued growth of Snowflake partnership

New Customer Growth:

TrustLogix expanded its customer base with enterprises of all sizes and industries - financial services, insurance, consumer retail, and technology companies - using the TrustLogix Data Security Platform to deliver the right data to the right people at the right time, safely and securely, while also enabling new use cases such as data sharing.

"Our rapid growth had created an operationally complex environment to serve our data customers and maintain data security compliance," said Bharat Goyal, EVP and Head of Engineering at Zeta Global, a Powered by Snowflake partner. "The TrustLogix data security platform yielded immediate visibility and prescriptive recommendations, which helped us automate and operationalize our audit & compliance processes and respond to data access requests and issues, so the consumers always have access to the right data at the right time."

Significant Industry Analyst Validation

TrustLogix's innovative cloud-native platform drives its continued growth. Designed with distributed multi-cloud data architectures in mind, TrustLogix provides a non-invasive, proxy-less, agentless, no-code alternative to traditional methods. Running as a pure SaaS or within a customer-managed cloud, customers can provision TrustLogix within minutes, discover data access issues and risks, define and apply policies, and deliver the right data to the right data users within an hour, without seeing or moving the data itself.

Earlier this year, Kuppinger Cole published an independent report on the Data Security Platforms market which highlighted TrustLogix as an Innovation Leader. The report found that with its containerized and serverless architecture, TrustLogix can ensure secure data access in Snowflake and other data platforms and across multiple clouds, and scale natively on demand. TrustLogix does not touch or move the data itself–the actual access controls are enforced via API using the target platforms' native capabilities–thus TrustLogix itself operates completely out-of-band and transparently for applications and users.

Announcing New Product Capabilities and SOC2 Compliance

As data proliferates across multiple instances and clusters of disparate cloud platforms, it becomes cumbersome to understand and correctly model appropriate data entitlements across those platforms. To simplify this operational complexity, TrustLogix announces the availability of Access Analyzer as part of the TrustLogix Data Security Platform. Access Analyzer provides a 360-degree view of data access patterns across all cloud data stores and enables you to untangle and maintain your complex data access permissions.

TrustLogix also announces the availability of new product capabilities that further enhance customers' ability to secure Snowflake data at scale, including:

• Integration with Snowflake's data tagging for row- and column-level access policies
• Ability to deploy masking policies via Snowflake's native masking functionality
• Ability to define and deploy attribute-based (ABAC) business-friendly entitlements and policies
• Integration of TrustLogix Access Analyzer with Snowflake native entitlements and tagging functionality

SOC2 Type 2 Certification

Additionally, TrustLogix achieved SOC2 Type 2 compliance from the AICPA, which certifies its ability to provide robust data security and privacy for its customers' most sensitive and valuable data.

Partnerships

Leveraging its Snowflake Technology Partner and Data Governance Accelerated certifications, TrustLogix has deepened its strategic partnerships and expanded its partner network to bring TrustLogix to market across more geographies and market segments. 

"TrustLogix helps Snowflake customers securely access and share data by leveraging native Snowflake capabilities without touching or moving the data itself. This helps customers accelerate the adoption of sensitive data workloads instantly and securely," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "Moreover, recently released new TrustLogix product capabilities ensure this can be done with the complex business requirements and massive data volumes typical of modern enterprises today."

Keebo, a fully automated warehouse optimizer, today announced at Snowflake's annual user conference, Snowflake Summit 2023, it has joined Snowflake's Partner Network to help customers get the most from the Snowflake Data Cloud.

"We're thrilled to be a part of Snowflake's partner network and to be empowering customers around the world to do even more with Snowflake," shared Barzan Mozafari, co-founder and CEO of Keebo. "Keebo's fully-automated data learning platform helps our joint customers optimize Snowflake to save time and money, and it only takes minutes to set up."

Keebo and Snowflake, the Data Cloud company, seamlessly work together to help joint customers optimize their growing compute costs and query workloads. Applying machine learning and automation, Keebo frees data engineering teams from manual query and warehouse optimizations so they can spend more time driving real business value.

Erik Jones, Head of BI and Analytics at Intelligent Document Processing leader Hyperscience, shared, "Snowflake and Keebo allow me to spend time on what's most valuable for our Business Intelligence group as it continues to grow – delivering insights, dashboards, and analytic assets for our stakeholders."

"Partners like Keebo enable our customers to benefit from advanced machine learning algorithms that complement Snowflake's single, integrated platform," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "We look forward to continued collaboration with Keebo to ensure our customers can do even more with the Data Cloud while spending less time on optimizations."

The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights.

Click-2-Subscribe, is now globally accessible via Oracle Cloud Infrastructure. Workspaces for Oracle offers a remarkable innovation in the digital workspace landscape. Designed to support an evolving workforce, it enables seamless access to workspaces from any device, anywhere.

Kasm Technologies, a leading provider of secure browser-based workspace solutions, in partnership with Oracle, is thrilled to announce the general availability of Workspaces for Oracle: Click-2-Subscribe. This groundbreaking platform empowers organizations with a vendor-managed browser security solution, redefining the way digital workspaces are accessed and secured. By reducing exposure to vulnerable hardware and compromised networks, organizations can ensure enhanced security and minimize risk.

The Click-2-Subscribe Public SaaS boasts unparalleled scalability, allowing organizations to cater to an infinite number of subscribers. This capability enables seamless expansion to accommodate growing user bases and provides a flexible solution for organizations of all sizes.

"We are proud to introduce Workspaces for Oracle: Click-2-Subscribe, a technology solution that empowers organizations to work smarter, securely, and at scale," said Jaymes Davis, Chief Product Officer at Kasm Technologies. "With Click-2-Subscribe, organizations can seamlessly navigate the complexities of the digital era while ensuring efficient operations and robust security."

Furthermore, the Click-2-Deploy offering is also now available in the Oracle Cloud Infrastructure (OCI) Marketplace, providing organizations with even greater control and customization over their workspaces to streamline the deployment process and simplify the adoption of private workspace solutions:

• Private Deployment Zones – Deploy the Workspaces for Oracle solution within an OCI Virtual Cloud Network (VCN) to enable direct, high-performance access to your corporate resources and applications ensuring your data remains protected.
• Self-Hosted Orchestration – Customizable private deployment options, including utilization-based pricing models or vendor-assembled capabilities, facilitating self-hosted deployments within their OCI VCN.
• Private Registry & Custom Workspaces – Establish custom workspaces with software tailored to your specific needs and hosted in an OCI private registry.

This milestone release emphasizes the commitment of both Kasm Technologies and Oracle to digital sustainability. Workspaces for Oracle: Click-2-Subscribe enables organizations to focus on operational efficiency while reducing their environmental footprint. Leveraging Oracle Cloud Infrastructure's next-generation capabilities, organizations can establish highly secure and scalable digital workplaces that contribute to a sustainable future.