Archive for the ‘Auditing’ Category

Many IT Administrators find it difficult to implement an in-depth and pro-active File Server Audit strategy. If an important event happens and you want to investigate, you may have to wade through gigabytes of event logs on the Windows devices; which can often be like finding a needle in a haystack. Event logs stored on Windows File Systems are so verbose that deriving meaningful information from them can be very … Read more

Misconfigured Domain Controllers (DCs) present a major security risk for Active Directory. To ensure that your Domain Controllers are configured correctly, you will need to closely review the default Domain Controller Policies, create Domain Controller GPOs (Group Policy Objects) and configure Group Policy Settings. Your policy will need to include patching and protecting Domain Controllers, and include an effective DC auditing strategy for monitoring and reporting changes to event logs. … Read more

Unlike an Information Security Analyst, to be a professional IT auditor, you are not strictly required to have an in-depth understanding of your operating system, nor do you need to be a hacker to be able to audit the files, folders and permissions on your network. However, it is imperative that the auditor knows exactly what they are auditing, which does require a high level of technical knowledge. There are … Read more

Configuration drift is a naturally occurring phenomenon whereby configuration items (CIs), such as computers or devices on an organisation’s network, drift towards an inconsistent state. This problem occurs on both private and cloud-based networks. While there are a number of causes of configuration drift, it’s essentially the result of conflicting changes made to device’s, software, services and configuration files, which are not systematically monitored by the IT department. It is … Read more

The overall cost to the UK economy from cyber-crime alone is well over £20 billion, and businesses are the ones that feel the effects the most. Every year we see stories of network attacks, yet it appears that many businesses are still not taking steps to mitigate the risks. Surveys suggest that most companies that face a significant security breach go out of business within a year. The average cost … Read more

For many organizations, IT operations are driven by regulatory compliance requirements. Systems containing sensitive data must be secured and maintained in a way that adheres to the regulatory requirements. Industry specific applications, such Electronic Health Records systems, are commonly designed with regulatory compliance in mind. After all, the application vendor knows which industry will use the application, and what the regulatory requirements are for that industry, and can therefore design … Read more

For organizations that use Windows Server, nearly all authentication and access control related tasks are tied to the Active Directory. Additionally, application configuration information is also sometimes stored in the Active Directory. Given everything that the Active Directory does, it would not be a stretch to think of the Active Directory as being the glue that ties all of an organization’s IT resources together. Because the Active Directory is such … Read more

Domain, Schema and Enterprise administrators hold the keys to your Active Directory (AD) kingdom, but it’s not uncommon to find organizations routinely issuing new IT hires with domain administrator privileges to expedite access for support purposes, or at best a proliferation of privileged accounts lying dormant and unaudited, giving attackers a potential way in to your systems. If it’s a revelation that domain administrator privileges aren’t required to add, delete, … Read more

Mailboxes are a very important part of every organization since they can contain high business impact (HBI) information and personally identifiable information (PII). This makes it essential to keep track of every activity taking place in the Exchange environment. When it comes to mailbox access, tracking the access of non-owners is a very important part of ensuring that mailboxes are being used correctly. Mailbox audit logging is a feature of … Read more

The role of the IT department is multifaceted and constantly evolving. One are that has remained a very important part of the IT department’s role is the regular auditing of critical IT systems. Regular, in-depth auditing helps to streamline systems management, strengthen security and meet regulatory compliance mandates. Given below is a list of points, based on the US government’s NIST (National Institute of Standards and Technology) Cyber Security framework … Read more


Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/lepidec/public_html/blog/wp-includes/functions.php on line 3818