Archive for Author: Satyendra

2017 saw an inordinate number of cybersecurity breaches take place, and the aim in 2018 will be ensure that you are compliant with many of the new compliance regulations coming into effect. 2017’s biggest security breaches include the Equifax breach, state-sponsored attacks, Russian manipulation of social media, WannaCry, and innumerable phishing scams. Security was compromised at every level, and something needs to change in 2018. Many CIO’s and top security … Read more

Privileged user accounts are the ultimate goal for cyber attackers. Once attackers have privileged access, stealing sensitive information is a breeze. In many cases, attackers patiently claw and scrape their way up the access ladder from low-level accounts up to administrative ones. IT administrators regularly face challenges identifying who has privileged access to Active Directory environment, as well as managing new privileged users. The goal of this blog post is … Read more

GDPR requires all businesses (in and outside European Union) dealing with EU citizen’s data to protect their data and privacy for transactions that occur within EU member states. Non-compliance will result in hefty penalties. The directive will set a new norm for consumer rights but, initially, it will be challenging for companies to put the required systems and processes in place to conform. The compliance will require new expectations from … Read more

Are you able to instantly identify who has access to the sensitive data in your Active Directory? Sometimes, answering “who has access to what?” in your IT environment can be difficult. Knowing who has permission to what enables IT teams to ensure that the right users have the right levels of access to the right data. This is a critical part of ensuring the principle of least privileges, where users … Read more

Auditing file and folder accesses on Windows File Servers enables you to see whether any users are accessing or trying to access resources without authrization. A large proportion of organisations are not making the most of file server auditing, choosing to stick to native auditing processes which can be both time-consuming and complex. At Lepide, we recommend deploying a third-party solution (obviously…), such as LepideAuditor. With an increasingly mobile workforce … Read more

In an IT environment, privileged user accounts are those which are provided comparatively more privileges or permissions than a normal user account. Any malicious activity conducted, either intentionally or mistakenly, by a privileged account can be a threat to IT security. To address this, a systematic way of determining which users have privileged access and tracking their activities is required. Follow these methods in this blog to identify privileged user … Read more

In every organization, Active Directory administrators need to be able to produce detailed reports on user access, object modification, privileged user activities and more. The reason for this may be down to external compliance requirements, IT security, litigation purposes or a combination of all three. Depending on the requirement, the urgency of such reports may vary. For example, if you are tracking Active Directory activities in order to maintain network … Read more

In many organizations, servers are managed without any oversight, and this often leads to unwanted configuration changes. Here are three reasons why you should consider implementing change control in your business, no matter how large or small. Change control is a business process that aims to ensure a systematic approach is taken to making configuration changes to IT systems. But many organizations don’t have a process for managing IT change, … Read more

The Active Directory is one of the most important security mechanisms for any Windows network. The Active Directory contains everything from user accounts and password policies, to group policy settings. As such, most organizations put considerable effort into determining which Active Directory settings will best meet the organization’s security requirements. Even so, all of this careful planning can be undone by configuration drift. Configuration drift happens when changes gradually occur … Read more

For many organizations, IT operations are driven by regulatory compliance requirements. Systems containing sensitive data must be secured and maintained in a way that adheres to the regulatory requirements. Industry specific applications, such Electronic Health Records systems, are commonly designed with regulatory compliance in mind. After all, the application vendor knows which industry will use the application, and what the regulatory requirements are for that industry, and can therefore design … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All Trademarks Acknowledged.