Archive for July, 2017

What is HIPAA compliance? HIPAA, the Health Insurance Portability and Accountability Act, is the standard for ensuring that sensitive patient data is protected. Any company dealing with protected health information (PHI) must comply to this regulation by ensuring that all the required physical, network and process security measures are in place and followed. Companies that transmit or maintain health information, such as the NHS in the UK, must ensure they … Read more

July 28th 2017 – SysAdmin Day. A day to celebrate the work, that often takes place behind closed doors, of System Administrators worldwide. We’re taking today to think about being a Sys Admin, in particular the pros and cons of the coveted role. First things first, what is a Systems Administrator? Officially they are responsible for the upkeep, configuration, and reliable operation of computer systems; especially multi-user computers, such as … Read more

According to Verizon’s 2017 Data Breach Investigations Report, 25% of data breaches involve insiders. And in 60% of cases, insiders take data to sell later, or 15% to a new employer or to start a rival company. Data theft doesn’t necessarily require any technical skill if users already have access to the information they need, and can be detected or prevented using logging, monitoring large data transfers and removeable USB … Read more

“The fact that a company hasn’t noticed a breach doesn’t mean that it hasn’t been breached” – An APT is a type of malware which uses social engineering or various phishing techniques to gain access to a network. Once the malware has gained access, it will conceal itself by hiding in unsuspected files, where it can remain undetected for weeks, months, or even years. In which time, it is … Read more

Since 1998, we have relied on the Data Protection Act (DPA) to provide us with a regulatory framework for protecting personal data. It has been effective to some extent, however, I think it is fair to say that an upgrade is long overdue. After all, so much has changed in the last 20 years. There are many more businesses processing personal data, technology has evolved beyond recognition, and cyber-attacks are … Read more

As you probably know by now, the GDPR is coming into full effect on May 25, 2018, and constitutes the most significant change to European Union (EU) privacy law in two decades. It is designed to replace the Data Protection Directive (DPD) that came into force in 1995 when web technology was nowhere near as advanced as it is today. The GDPR applies to all organisations handling the data of … Read more

In an IT environment, privileged user accounts are those which are provided comparatively more privileges or permissions than a normal user account. Any malicious activity conducted, either intentionally or mistakenly, by a privileged account can be a threat to IT security. To address this, a systematic way of determining which users have privileged access and tracking their activities is required. Follow these methods in this blog to identify privileged user … Read more

If you’re reading this, you’ve either already become the victim of a ransomware attack or you’re interested in finding out what your options are should it happen to you. So, in this article we’re going to discuss what a ransomware attack does and how best to react to one. What does a ransomware attack look like? Ransomware attacks come in many shapes and sizes, but the ultimate goal is to … Read more

It seems that almost every month we are told of yet another high-profile security breach in which sensitive data is leaked, either for profit or accidentally. In almost every case, the end result of these data leaks is damage to the reputation and/or bottom line of the organisations involved. Whilst there is no way to completely remove the risks of a data breach occurring in your organisation, there are certain … Read more

The danger posed by insider threats Many organisations with budgets allocated towards security choose to spend them on defending against external attacks and ignore the far more prevalent insider threat. This tends to be due to the fact that, in the past, external hacks were heavily publicised in the media and resulted in expensive damages to company reputations and bottom lines. However, despite recent major ransomware attacks throwing the spotlight … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All Trademarks Acknowledged.