04.21.2017 , Auditing, by .

Unlike an Information Security Analyst, to be a professional IT auditor, you are not strictly required to have an in-depth understanding of your operating system, nor do you need to be a hacker to be able to audit the files, folders and permissions on your network. However, it is imperative that the auditor knows exactly what they are auditing, which does require a high level of technical knowledge. There are … Read more

04.13.2017 , Security, by .

Wonga, the British payday loan company, has fallen victim to a data breach affecting an estimated 270,000 customers. The stolen data includes names, addresses, phone numbers and bank account details – including the last four digits of customers’ bank cards. Shortly after the breach was discovered, Wonga began contacting customers and setup a dedicated help page and phone line to deal with inquiries. The firm said it was “urgently investigating … Read more

04.11.2017 , Active Directory, Auditing, Change Auditing, Security, by .

Attackers are persistent in their pursuit to compromise Active Directory services due to their role in authorising access to critical and confidential data. As organisations expand, their infrastructure becomes increasingly more complex, which makes them a lot more vulnerable to attack as it is harder to keep track of important system changes, events and permissions. It’s also becomes a lot harder for organisations to determine where their sensitive data is … Read more

04.10.2017 , General, by .

The DMTF WS-Eventing standard was first introduced in Windows Server 2008 so that system administrators could centralize Windows event logs. As part of the open Web Services-Management (WS-Man) protocol that’s included in the Windows Management Framework (WMF), event forwarding provides a means to read and store event logs from Windows devices in one place. Windows Event Forwarding (WEF) is agentless, so you don’t need to install any additional software to … Read more

04.07.2017 , Auditing, Security, by .

Configuration drift is a naturally occurring phenomenon whereby configuration items (CIs), such as computers or devices on an organisation’s network, drift towards an inconsistent state. This problem occurs on both private and cloud-based networks. While there are a number of causes of configuration drift, it’s essentially the result of conflicting changes made to device’s, software, services and configuration files, which are not systematically monitored by the IT department. It is … Read more

04.04.2017 , Active Directory, Auditing, Change Auditing, by .

The overall cost to the UK economy from cyber-crime alone is well over £20 billion, and businesses are the ones that feel the effects the most. Every year we see stories of network attacks, yet it appears that many businesses are still not taking steps to mitigate the risks. Surveys suggest that most companies that face a significant security breach go out of business within a year. The average cost … Read more

03.31.2017 , Auditing, Security, by .

In many organizations, servers are managed without any oversight, and this often leads to unwanted configuration changes. Here are three reasons why you should consider implementing change control in your business, no matter how large or small. Change control is a business process that aims to ensure a systematic approach is taken to making configuration changes to IT systems. But many organizations don’t have a process for managing IT change, … Read more

03.29.2017 , Compliance, General, Security, by .

The GDPR is an EU regulation that will come into effect from 25 May 2018. The new directive aims to ensure that organisations have policies and procedures put in place to protect the data of EU citizens. Below is a checklist that is designed to assist organisations in complying with the GDPR. Awareness All employees, whether they are IT staff, executives, general administrators, consultants, sales and marketing executives, human resource … Read more

03.24.2017 , Active Directory, Auditing, by .

The Active Directory is one of the most important security mechanisms for any Windows network. The Active Directory contains everything from user accounts and password policies, to group policy settings. As such, most organizations put considerable effort into determining which Active Directory settings will best meet the organization’s security requirements. Even so, all of this careful planning can be undone by configuration drift. Configuration drift happens when changes gradually occur … Read more

03.17.2017 , Auditing, Change Auditing, File Server Auditor, by .

For many organizations, IT operations are driven by regulatory compliance requirements. Systems containing sensitive data must be secured and maintained in a way that adheres to the regulatory requirements. Industry specific applications, such Electronic Health Records systems, are commonly designed with regulatory compliance in mind. After all, the application vendor knows which industry will use the application, and what the regulatory requirements are for that industry, and can therefore design … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.