Archive for the ‘Auditing’ Category

It’s probably safe for me to assume that your Windows File Servers store critical, sensitive information at this very moment in time. In the modern world, data is more valuable than oil, and is now considered to be the most valuable resource in the world. Ensuring that File Server is secure should be high on the list of priorities for any organization that stores sensitive data. Unfortunately, many of the … Read more

There are two kinds of data that is stored digitally in your organization; structured and unstructured. Unstructured data is data which does not have any sort of pre-defined data model or isn’t organized in a pre-defined way. It usually comprises the majority of the digital information that an organization stores. The problem is, many companies find it tricky to keep their unstructured data secure due to it’s changing nature. Because … Read more

It’s true to say that the modern-day business is reliant on data. Organizations are constantly looking for ways to leverage data intelligence to improve marketing activities, sales and operations. But with this reliance comes a cost; the uncontrollable rise of unstructured data. What is Unstructured Data and Why Does It Pose a Problem? As an organization that deals with this every day, we sometimes assume that everyone understands the threat … Read more

A report by Forrester once claimed that 80% of all security breaches involved the abuse or misuse of privileged credentials. Let’s accept for a moment that Forrester are right, and that privileged user accounts are the common denominator in a large percentage of security breaches. Knowing this, we’d expect to see all organisations well on the path to having clear processes, policy and controls in place to audit, track and … Read more

We talk to thousands of organisations every week about their Active Directory and, more specifically, how secure and protected their Active Directory is. It’s fair to say, I think there is a good deal of education that needs to be done as to what constitutes a secure Active Directory. Whenever we begin any engagement with any potential client we ask questions around their drivers. One of the specific questions we … Read more

Active Directory is used by approximately 90% of organizations, yet keeping your AD secure still presents a significant challenge due to the large amounts of critical data that it handles. According to a recent security assessment of Active Directory carried out by Skyport Systems, poor visibility and weak passwords are the leading cause of Active Directory security breaches. The problems arise as sysadmins struggle to keep track of who has … Read more

According to an IBM Study, 60% of attacks come from inadvertent or malicious insider misuse. The importance of ensuring you’re able to keep track of what your most privileged IT users are doing cannot be understated. So, ensuring you have the appropriate means to track your most privileged users, and ensuring that granting of access rights is appropriate, should be a critical part of all IT security strategies. Here are … Read more

If an attacker enters Active Directory as a privileged user, or somehow manages to escalate their privilege after entering, they can do anything within the organization. An attacker then will have access to all user identities and can go undetected for days, months or in some cases years. When detected, the attacker can collapse the entire Active Directory, leaving the organization helpless, which could lead to a significant business loss. … Read more

It’s an age-old question; can’t I just audit my Active Directory using native processes? Do I need to spend the time and money comparing, evaluating and implementing a third-party solution? In short, I believe the answer is yes. There are numerous reasons why native auditing isn’t stringent and enough to provide you with the information you need to detect and prevent data breaches, as well as meeting regulatory compliance. The … Read more

Despite the presence of sophisticated IT solutions, organizations often struggle to lay the foundation for a secure IT environment. Critical Servers, including File Server, Active Directory and Office 365, are a major target for attacks and data breaches in general. Regular auditing is therefore necessary to ensure the protection of critical business data, increase security and improve service availability with minimum downtime. To the relief of many IT administrators, Microsoft … Read more