Archive for the ‘Auditing’ Category

Auditing any of your critical IT infrastructure is a process that involves collecting information into readable reports, analyzing those reports and taking the required action to ensure the security and integrity of that system. Group Policy is no different. For effective Group Policy Auditing, you need to be able to report on changes in such a way that enables you to take the right steps to ensure restrictions and controls … Read more

Both share and NTFS permissions serve the same purpose within Windows environments; namely, to help you prevent unauthorized access to your critical folders. However, there are some critical differences between the two that will determine which one you use. In this blog we will learn about what share permissions and NTFS permissions are, what the differences between the two are and the best practices for using them. What Are Share … Read more

It will come as no surprise that Windows out of the box isn’t secure. Many of the vulnerabilities that exist within Windows can be addressed through Group Policy Objects (GPOs). Group Policy allows administrators to control the working environment of both user and computer accounts. If used correctly, GPOs can, for example, allow you to work towards a policy of least privilege where users have permissions based on their job … Read more

Active Directory is a critical part of any organization’s IT infrastructure. Unwanted changes in Active Directory could result in potentially disastrous consequences for the security of data. Changes to user accounts, passwords, group memberships and more could lead to excessive permissions and increased risk of privilege abuse. For those reasons, and more, it is essential that you continuously and proactively audit Active Directory changes. If you’re unsure where to start, … Read more

We have spoken with countless IT professionals, from CISOs to System Administrators, and we always ask them what their biggest challenges are with data security and auditing in general. Whether you’re performing your audit internally, of you are an external consultant, you may face numerous challenges that prevent from being successful. In this blog, I have combined the four most common audit challenges that auditors are likely to face and … Read more

Regardless of where you host of your email, whether it’s by a 3rd party or internal, it is by far one of the most common entry points for external attacks into your systems and data. Because of its importance when it comes to data security, monitoring Exchange Online is critical if you are to ensure its security. More and more organizations are now choosing to host their emails in the … Read more

A brute force attack is essentially a way of guessing a password, or gaining access to something locked, simply by repetitive, trial and error-based guesswork. It is essentially the cyberattack equivalent of trying out every combination on a keypad to a locked room, hoping that eventually you’ll find the right one. This might sound like a fairly unsophisticated attack, but it is a popular one with hackers and has been … Read more

What Does User Activity Monitoring Mean? User Activity Monitoring (UAM) solutions are software tools that essentially track monitor and alert on the activity and overall behavior of your users. The most common application of user activity monitoring tools is in the detection and prevention of insider threats. The simple fact is; your users are the most likely source of a data breach in your organization (whether through negligence or malice) … Read more

The California Consumer Privacy Act (CCPA) is a new data protection bill that will come into effect on the 1st of January 2020. The CCPA is designed to give Californian citizens more control over how their personal data is stored and processed. The CCPA applies to any for-profit company that collects, stores and trades personal data belonging to Californian residents. Under the CCPA, companies must demonstrate that they are able … Read more

Accordingly to a recent report by, 93% of organizations are using cloud computing in some form or another. This is hardly surprising as cloud solutions are becoming increasingly more affordable and easier-to-use. These days, companies can actually save money by switching to the cloud, as they don’t need to manage and maintain their own infrastructure, which would require hiring a specialized technical support team. Businesses can benefit from the … Read more