Archive for the ‘Auditing’ Category

Active Directory is a critical part of any organization’s IT infrastructure. Unwanted changes in Active Directory could result in potentially disastrous consequences for the security of data. Changes to user accounts, passwords, group memberships and more could lead to excessive permissions and increased risk of privilege abuse. For those reasons, and more, it is essential that you continuously and proactively audit Active Directory changes. If you’re unsure where to start, … Read more

We have spoken with countless IT professionals, from CISOs to System Administrators, and we always ask them what their biggest challenges are with data security and auditing in general. Whether you’re performing your audit internally, of you are an external consultant, you may face numerous challenges that prevent from being successful. In this blog, I have combined the four most common audit challenges that auditors are likely to face and … Read more

Regardless of where you host of your email, whether it’s by a 3rd party or internal, it is by far one of the most common entry points for external attacks into your systems and data. Because of its importance when it comes to data security, monitoring Exchange Online is critical if you are to ensure its security. More and more organizations are now choosing to host their emails in the … Read more

A brute force attack is essentially a way of guessing a password, or gaining access to something locked, simply by repetitive, trial and error-based guesswork. It is essentially the cyberattack equivalent of trying out every combination on a keypad to a locked room, hoping that eventually you’ll find the right one. This might sound like a fairly unsophisticated attack, but it is a popular one with hackers and has been … Read more

What Does User Activity Monitoring Mean? User Activity Monitoring (UAM) solutions are software tools that essentially track monitor and alert on the activity and overall behavior of your users. The most common application of user activity monitoring tools is in the detection and prevention of insider threats. The simple fact is; your users are the most likely source of a data breach in your organization (whether through negligence or malice) … Read more

The California Consumer Privacy Act (CCPA) is a new data protection bill that will come into effect on the 1st of January 2020. The CCPA is designed to give Californian citizens more control over how their personal data is stored and processed. The CCPA applies to any for-profit company that collects, stores and trades personal data belonging to Californian residents. Under the CCPA, companies must demonstrate that they are able … Read more

Accordingly to a recent report by rightscale.com, 93% of organizations are using cloud computing in some form or another. This is hardly surprising as cloud solutions are becoming increasingly more affordable and easier-to-use. These days, companies can actually save money by switching to the cloud, as they don’t need to manage and maintain their own infrastructure, which would require hiring a specialized technical support team. Businesses can benefit from the … Read more

More than three quarters of enterprises have at least one application (or a portion of their enterprise computing infrastructure) in the cloud. In fact, enterprises predict that their cloud spending will exceed $3.5 million in 2018. These statistics, taken from the 2018 Cloud Computing Study, would certainly suggest that the previous concerns surrounding cloud cybersecurity are becoming less prevalent. However, this does not mean that organizations are adequately securing their … Read more

Should an attacker gain access to your Active Directory (AD), you could find yourself in a lot of trouble as AD serves as the gatekeeper to your critical assets. It is imperative that you have as much visibility as possible so that you can quickly recognise and respond to any suspicious behaviour that takes place on your network. Sure, AD will generate event logs which you can scrutinize in order … Read more

One of the most important ways to address your cybersecurity in today’s threat landscape is to ensure you know how your users are interacting with your sensitive data. By sensitive data, we’re referring not just to data containing company secrets or financials, but also to consumer and employee data. Personally identifiable information (data containing credit card numbers, addresses, names etc.) can fetch a large amount of money on the black … Read more