Data Security & Compliance Blog

With increasingly more people working from home as a result of the ongoing coronavirus pandemic, many organizations have been switching to Microsoft Office 365, and other cloud-based collaboration platforms to help streamline their business operations. However, there are a number of security implications that need to be considered before doing so, and organizations need be aware of the configuration options that exist, to help them secure their O365 implementation. In … Read more

Few industries have fared well during the corona virus pandemic. As you would expect, most of the industries that have either stayed afloat or managed to capitalize on the crisis were those that generated a significant portion of their revenue from online sales. Online shopping, food delivery services, entertainment, gaming, e-learning, dating, and videoconferencing, were amongst the industries that made the most gains during these troubled times. Businesses offering products … Read more

Attackers are persistent in their pursuit to compromise Active Directory services due to their role in authorizing access to critical and confidential data. As organizations expand, their infrastructure becomes increasingly more complex, which makes them a lot more vulnerable to attack as it is harder to keep track of important system changes, events and permissions. It’s also becoming a lot harder for organizations to determine where their sensitive data is … Read more

One thing about us IT folk is that we have a tendency to over-complicate everything. However, when it comes to data security, there isn’t much we can do about it. IT environments are not only growing in size, but they are becoming increasingly more complex, distributed and dynamic. Most modern IT environments consists of a large number of different users, applications and devices; with data spread across multiple platforms – … Read more

Sensitive data is any data that, if exposed to the general public, would incur some form of cost to the organization who is entrusted with the data. Such costs may include breach notification costs, loss of revenue from system downtime, loss of customers due to reputational damage, costs associated with redress and reparation, and possibly even costs associated with lawsuits and fines. Examples of sensitive data include financial data, such … Read more

There’s no doubt that the world of data security is becoming increasingly more complex, as IT environments become more distributed, and attack vectors become more sophisticated. Organizations that store large amounts of sensitive data have so many things to think about. They need to make sure that they have a tried and tested incident response plan (IRP) in place. They need to know what data they have, where it is … Read more

A cyberattack is where an attacker tries to gain unauthorized access to an IT system for the purpose of theft, extortion, disruption or other nefarious reasons. Of course, a large number of security incidents are caused by insiders – whether through negligence or malice. However, for the sake of simplicity, let us assume that a cyber-attack is carried out by someone who is not, or was not, a member of … Read more

As you probably know already, a domain controller is a server that responds to security authentication requests within a Windows Server domain. A DC will host the Active Directory Domain Services (AD DS) database, which is used to manage users and computers and authenticate them to other services on the same domain. Both DCSync and DCShadow attacks are what are referred to as “late-stage kill chain attacks”, and both involve … Read more

The Cyber Kill Chain was developed by Lockheed Martin as a framework to help organizations understand the process of cyber attacks. If you understand every point in the chain of events of a cyber-attack you can focus your efforts on breaking that chain and mitigating the damages. Many organizations have taken their own approach to defining the correct Cyber Kill Chain, with varying degrees of success. For the purposes of … Read more

SOAR stands for Security Orchestration, Automation and Response – a term that was first used by Gartner. These days organizations collect large amounts of data relating to events that take place on their networks, and these events can be generated by a wide range of devices, applications and platforms. This data needs to be aggregated and correlated to determine whether a security incident has occurred, and what the appropriate response … Read more