The role of the IT department is multifaceted and constantly evolving. One are that has remained a very important part of the IT department’s role is the regular auditing of critical IT systems. Regular, in-depth auditing helps to streamline systems management, strengthen security and meet regulatory compliance mandates. Given below is a list of points, based on the US government’s NIST (National Institute of Standards and Technology) Cyber Security framework … Read more
This tutorial explains the steps of performing Current Permission Analysis of the shared files and folders using LepideAuditor Suite for File Server . It offers customizable auditing, dedicated Radar Tab with graphical representation of Audit Data, predefined audit report, Historical Permission Analysis, and Current Permission Reports. When it comes to current permissions, it provides a detailed report of all the permission related data including change in applied permissions by folder, … Read more
Whilst many organizations give high priority to protecting themselves against outside security threats like hackers, a high proportion aren’t even aware that they may be at risk from the inside. When employees, ex-employees, business partners or associates leak, sell, or manipulate sensitive information either by accident or maliciously the organization may suffer. Financial losses and reputation may get affected irreparably, especially if the information contains intellectual property, business secrets, and … Read more
Massive data breaches often work the same way. The hacker gains access by exploiting a software security weakness or installing malware through phishing links. Then the hacker grants themselves elevated access so they can login to a database directly. Often this is done with stolen credentials, using user ids that are shipped with software, or brute password dictionary attacks against systems that do not lock accounts when this happens. This … Read more
Despite the presence of sophisticated security solutions, often organisations struggle to answer the most basic security questions – who, what, where and when (the 4 W’s). This is particularly pertinent when it comes to the most critical IT systems such as Active Directory, SQL Server, Exchange Server, and SharePoint. Trying to answer these 4 questions using native audit logs alone can be challenging. The importance of the 4 W’s If … Read more
Inactive accounts in the Active Directory should strike fear in the hearts of IT admins. They may appear harmless as they lay dormant, unused and inactive, but they are an open invitation for anyone looking to compromise an organization’s security. Why do inactive accounts matter—aren’t they harmless? Inactive accounts may appear docile but they can cause fatal damages to an organization, especially when they are not disabled or when they … Read more
Even though there are a lot of books and papers that discuss Active Directory security, incidents of AD security breach just don’t seem to stop. What can be the reason for this? Are IT admins just not being able to grasp the tinges of AD security? Or Are they unable to adapt to the new, advanced threats that are being invented every day? Both of these could be the reasons. … Read more
Christmas is the ideal time to relax and switch off but unfortunately there’s no holiday from potential IT security issues at any organization. Furthermore, the absence of administrators or other staff from the IT help desk can only exacerbate the situation. So if you want to avoid Santa bringing you any nasty surprises, you need a dynamic change configuration auditing solution for server components to bulletproof your IT security system … Read more
What was born on the cloud is now descending to your premises! With the release of Exchange 2016, Microsoft is making a bunch of new features whose radiance we have glimpsed in Exchange Online as a part of Office 365 available for on-premises deployment. These features, having powered millions of mailboxes and public folders in the Cloud environment and having gone through trials and testing in the hands of users … Read more
How securing data access across Windows Servers help organizations to better manage their shared data06.03.2015, IT Security, by Satyendra.
Security Auditing of an enterprise – whether in an extremely large organization or a smaller one is one of the most important concern pertaining to protect your confidential or private data from hackers eyes. Unauthorized file access, falsification and even deletion and modification of files & folders has become a common phenomenon in organizations where it becomes difficult to audit events, track malicious user actions & monitor illegal access.