Archive for Author: Satyendra

For organizations that use Windows Server, nearly all authentication and access control related tasks are tied to the Active Directory. Additionally, application configuration information is also sometimes stored in the Active Directory. Given everything that the Active Directory does, it would not be a stretch to think of the Active Directory as being the glue that ties all of an organization’s IT resources together. Because the Active Directory is such … Read more

In view of the rapidly increasing security risks IT enterprises are facing, securing the Active Directory from privilege misuse and abuse has become a global concern. Domain administrator rights are often granted to Active Directory users with to allow them to accomplish various tasks inside or outside of the network. However, giving large numbers of users privileged access can be problematic – occasionally leading to privilege abuse in the form … Read more

In 2016, a lot of emphasis was put on organizations protecting themselves against external security threats – especially in the light of high profile security breaches, including the FBI and World Anti-Doping Agency. However, most enterprise security executives in 2016 experienced a higher amount of attempted theft or corruption of data from internal sources rather than external ones. With this in mind, don’t repeat the same mistakes in 2017 that … Read more

The role of the IT department is multifaceted and constantly evolving. One are that has remained a very important part of the IT department’s role is the regular auditing of critical IT systems. Regular, in-depth auditing helps to streamline systems management, strengthen security and meet regulatory compliance mandates. Given below is a list of points, based on the US government’s NIST (National Institute of Standards and Technology) Cyber Security framework … Read more

This tutorial explains the steps of performing Current Permission Analysis of the shared files and folders using LepideAuditor Suite for File Server . It offers customizable auditing, dedicated Radar Tab with graphical representation of Audit Data, predefined audit report, Historical Permission Analysis, and Current Permission Reports. When it comes to current permissions, it provides a detailed report of all the permission related data including change in applied permissions by folder, … Read more

Whilst many organizations give high priority to protecting themselves against outside security threats like hackers, a high proportion aren’t even aware that they may be at risk from the inside. When employees, ex-employees, business partners or associates leak, sell, or manipulate sensitive information either by accident or maliciously the organization may suffer. Financial losses and reputation may get affected irreparably, especially if the information contains intellectual property, business secrets, and … Read more

Massive data breaches often work the same way. The hacker gains access by exploiting a software security weakness or installing malware through phishing links. Then the hacker grants themselves elevated access so they can login to a database directly. Often this is done with stolen credentials, using user ids that are shipped with software, or brute password dictionary attacks against systems that do not lock accounts when this happens. This … Read more

Despite the presence of sophisticated security solutions, often organisations struggle to answer the most basic security questions – who, what, where and when (the 4 W’s). This is particularly pertinent when it comes to the most critical IT systems such as Active Directory, SQL Server, Exchange Server, and SharePoint. Trying to answer these 4 questions using native audit logs alone can be challenging. The importance of the 4 W’s If … Read more

Inactive accounts in the Active Directory should strike fear in the hearts of IT admins. They may appear harmless as they lay dormant, unused and inactive, but they are an open invitation for anyone looking to compromise an organization’s security. Why do inactive accounts matter—aren’t they harmless? Inactive accounts may appear docile but they can cause fatal damages to an organization, especially when they are not disabled or when they … Read more

Even though there are a lot of books and papers that discuss Active Directory security, incidents of AD security breach just don’t seem to stop. What can be the reason for this? Are IT admins just not being able to grasp the tinges of AD security? Or Are they unable to adapt to the new, advanced threats that are being invented every day? Both of these could be the reasons. … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All Trademarks Acknowledged.