Archive for 2017

Understandably, organisations are feeling a growing sense of unease about forthcoming General Data Protection Regulation (GDPR). It introduces a number of important changes to the current Data Protection Directive (DPD), such as increased territorial scope, stricter consent laws, hefty fines, breach notifications, enhanced data subject rights and specific design requirements that focus on data privacy. Additionally, many organisations will be required to appoint a Data Protection Officer (DPO) to oversee … Read more

Audit changes to Group Policy to stay secure and provide continuity of IT services. Group Policy is a critical component of Windows Server Active Directory (AD). It can be used to manage the user and system configuration of servers and end-user devices, including registry settings, user environment setup, security, and software configuration. As a powerful tool that can help organizations standardize system configurations across their environment, it also comes with … Read more

According to Symantec’s 2016 Internet Security Threat Report, 43% of cyber-attacks target small businesses. In both the UK and US, small and medium-sized businesses (SMBs) account for approximately 99% of all businesses. To make matters worse, SMBs are usually less equipped to defend themselves against cyber-attacks due to the limited resources available to them. Additionally, cyber-attacks in the SMB sector are more likely to go unnoticed for longer periods of … Read more

Auditing file and folder accesses on Windows File Servers enables you to see whether any users are accessing or trying to access resources without authrization. A large proportion of organisations are not making the most of file server auditing, choosing to stick to native auditing processes which can be both time-consuming and complex. At Lepide, we recommend deploying a third-party solution (obviously…), such as LepideAuditor. With an increasingly mobile workforce … Read more

The most valuable data in your organization is likely to be held in Active Directory (AD), databases, and on file servers. We often pay a lot of attention to securing AD and databases but file servers should also be appropriately secured. Here are my top 10 tips for keeping file servers protected. 1. Physical security Don’t let somebody walk out the door with your file server. But server theft isn’t … Read more

According to the mid-year data breach report, published by the Identify Theft Resource center, the number of data breaches in the US have hit a 6 month record high of 791. Compared with figures from 2016, this represents a 29% jump in the number of reported breaches. Should this trend continue, it is estimated that the total number of breaches in 2017 could rise to a staggering 1,500. The ITRC … Read more

Peep show became a huge hit in the mid-2000s, partly due to the cringe-inducing story lines, the hilarious comedic timing of Mitchell and Webb and the amount of times we all agreed with the inner monologues of Mark Corrigan. You wouldn’t think that there would be any real-world IT security lessons that could be taken from this show, but you’d be wrong. One of the many charms of Peep Show … Read more

Active Directory controls access to your critical systems and data, so is the ultimate target for hackers because it holds the keys to your entire kingdom. Here are 10 steps you can take to ensure that your business stays protected. 1.Physical security Domain controllers (DCs) should be placed in a physically secure location. Once physical access is gained, protections you have in place can potentially be overridden. 2.Deploy RODCs where … Read more

Half way through writing an article about how the number of high profile data breaches in 2017 has been an increase on last year, yet another monumental, yet avoidable, leak takes place. This time, sensitive and personal information of millions of transporters in Sweden, along with much of the military secrets of Swedish government, was allegedly leaked by the Swedish government themselves. This incident is set to be one of … Read more

Organizations around the world are still cleaning up the devastation left behind by Petya and the WannaCry ransomware, with damage ranging from minor inconvenience to complete shutdowns of company operations. Hackers are taking the lessons learned from Petya and WannaCry to create new variants that improve the ability to move undetected between devices using the EternalBlue exploit, or in other words, the vulnerability in the Server Message Block (SMB) 1.0 … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.