Upcoming Webinar       The Complete Guide to Ransomware [Updated for 2022]       26th May, 2PM EDT      Register Now
Archive for the ‘Auditing’ Category

The purpose of an information security audit is to assess the current security posture of an organization. Doing so will give the auditors insights into how strong/weak the organization’s defenses are, and what can be done to improve them. Audits can be carried out on a one-time basis, ad-hock, or carried out regularly, depending on the situation. What is an Internal Audit? An internal audit is typically carried out by … Read more

Microsoft’s Windows Event Viewer shows a log of system and application messages. These messages include errors, warnings, and information about certain events that can be scrutinized by the administrator to help troubleshoot problems. Administrators and regular users can open the Event Viewer on a local or remote machine, assuming they are authorized to do so. To open on your local Windows machine, simply type “Event Viewer” into the search box … Read more

As the inevitable shift from self-hosted to cloud-based IT environments continues, Microsoft Office 365 products, such as Exchange Online, are becoming increasingly more valuable to enterprises across the globe. Exchange Online is quickly becoming the go-to solution for managing emails, calendars and contacts, to help your employees communicate and collaborate in a secure manner. There are, however, understandable security concerns relating to storing sensitive data in the cloud, as you … Read more

IT administrators require elevated rights in Active Directory to carry out certain tasks, a fact that we can’t deny. However, should an attacker gain access to a user account in AD with admin-level privileges, they will have free reign to do pretty much anything they choose. They can potentially download a database containing large amounts of PII, or access folders containing valuable company secrets. They may choose to install a … Read more

According to the 2019 Data Exposure Report (DER), commissioned and published by Code42, employees are still considered to be the #1 cause of data breaches. The survey was carried out by independent UK-based research group, Sapio Research, and included 1,028 IT security professionals and 615 business executives from companies across Europe and the United States. When questioned about whether they had experienced a breach, and what they thought was the … Read more

Monitoring file activity is not as straight forward as it sounds. After all, in order to detect and respond to suspicious or troublesome file activity, we need to know in advance what it is we are actually looking for. Below are 8 of the most common scenarios that can compromise either the security or integrity of our critical files, along with a brief summary describing how Lepide Data Security Platform … Read more

In this blog, we will be going through how the AdminSDHolder object in Active Directory can be used in Active Directory attacks. We will also go through what you can do to help defend against AdminSDHolder attacks and how Lepide Data Security Platform can help make this process easier. What is an AdminSDHolder? Essentially, the AdminSDHolder is an object in Active Directory that acts as a security descriptor template for … Read more

Disclaimer – the perfect overall security strategy will include endpoint security. I am in no means saying that endpoint security is worthless. However, in this article I will attempt to justify why I think it is far more beneficial to look at your security strategy from a data-centric standpoint. I believe that many organizations are still adopting old methods of data protection, believing that firewalls, anti-virus and network access controls … Read more

First things first, what is Group Policy? Group Policy is a feature of Windows that facilitates a wide variety of advanced settings that network administrators can use to control the working environment of users and computer accounts in Active Directory. It essentially provides a centralized place for administrators to manage and configure operating systems, applications and users’ settings. Group Policies, when used correctly, can enable you to increase the security … Read more

Active Directory plays such an important part in the makeup of most organizations’ IT infrastructure, that it automatically becomes the first target for attackers. If an attacker gets into one of your user accounts, any you don’t know that it’s happened, it’s only a matter of time before you are the victim of a disastrous data breach (especially is this user account has special privileges). Understanding LDAP plays an important … Read more