Lepide Blog

With the advent of the new European Data Protection Regulation, all companies globally are required to adhere to the law if they are storing or processing personal information of any European Union citizens. This means that US companies doing business with European countries in theory must adhere to the law. If they do not the potential penalties are €20M, or 4% of the previous year’s gross global turnover, whichever is … Read more

Here at Lepide we brand ourselves as an IT security and compliance vendor, which raises a really interesting question as to what IT security really is. Sure, while we have always offered solutions that enable users to audit, monitor and alert when potential security threats arise, you could arguably say that visibility does not necessary equal security. Just because someone knows about a potential issue does not in itself equate … Read more

Back in May, the “WannaCry” virus started hitting computer systems across the globe. Spread via a simple E-mail phishing scam, the virus exploited a Microsoft vulnerability to hijack victims’ computers, locking and encrypting data so that it became impossible to access with a key. The cyber attack crippled massively sensitive servers worldwide, bringing amongst others, the UK’s NHS, FedEx and Germany’s rail systems to a grinding halt. All in all, … Read more

To put it simply, in order to protect your sensitive data, you need to know exactly what data you are trying to protect. Data classification allows you to categorise information based on how sensitive certain data items are by injecting metadata into documents, emails, etc. This information can be used to alert users about the degree of sensitivity associated with the data they are handling. This is akin to putting … Read more

Most of today’s malware could be stopped by following basic security best practices. But despite this, organizations either choose convenience over security or don’t enforce their own security policies. In a least privilege environment, users only have the rights required to carry out their job responsibilities. That’s a bit of an unhelpful definition because you could argue that many users need administrative privileges to fulfil their duties as a lot … Read more

The UK Government has announced a new data protection bill that is designed replace the forthcoming EU GDPR. The bill is essentially an update to the existing Data Protection Act (DPA), that was introduced in 1998. Why has the Government decided to make these changes? As of the 25th of May, 2018, the EU General Data Protection Regulation (GDPR) will come into effect, which sets out to “harmonize data privacy … Read more

SIEM (Security Information & Event Management) software is designed to assist organisations in detecting and reporting suspicious activity within their environment. SIEM solutions aggregate data in real-time from multiple sources within an IT environment and present the information via a single dashboard. SIEM solutions are useful; however, they also have many drawbacks. SIEM solutions can be complex Collecting the data and organising it into anything that you can derive real … Read more