Archive for the ‘Data Security’ Category

The UK Government has announced a new data protection bill that is designed replace the forthcoming EU GDPR. The bill is essentially an update to the existing Data Protection Act (DPA), that was introduced in 1998. Why has the Government decided to make these changes? As of the 25th of May, 2018, the EU General Data Protection Regulation (GDPR) will come into effect, which sets out to “harmonize data privacy … Read more

SIEM (Security Information & Event Management) software is designed to assist organisations in detecting and reporting suspicious activity within their environment. SIEM solutions aggregate data in real-time from multiple sources within an IT environment and present the information via a single dashboard. SIEM solutions are useful; however, they also have many drawbacks. SIEM solutions can be complex Collecting the data and organising it into anything that you can derive real … Read more

According to data obtained by the BBC, “NHS hospital trusts in England reported 55 cyber-attacks in 2016” – 16 more attacks than in 2015. However, NHS Digital claims that this number doesn’t represent an increase in the actual number of attacks, but an increase in the number of reported attacks. Despite this claim, the information that came to the surface following the recent WannaCry attack gave us a clear indication … Read more

Audit changes to Group Policy to stay secure and provide continuity of IT services. Group Policy is a critical component of Windows Server Active Directory (AD). It can be used to manage the user and system configuration of servers and end-user devices, including registry settings, user environment setup, security, and software configuration. As a powerful tool that can help organizations standardize system configurations across their environment, it also comes with … Read more

According to Symantec’s 2016 Internet Security Threat Report, 43% of cyber-attacks target small businesses. In both the UK and US, small and medium-sized businesses (SMBs) account for approximately 99% of all businesses. To make matters worse, SMBs are usually less equipped to defend themselves against cyber-attacks due to the limited resources available to them. Additionally, cyber-attacks in the SMB sector are more likely to go unnoticed for longer periods of … Read more

The most valuable data in your organization is likely to be held in Active Directory (AD), databases, and on file servers. We often pay a lot of attention to securing AD and databases but file servers should also be appropriately secured. Here are my top 10 tips for keeping file servers protected. 1. Physical security Don’t let somebody walk out the door with your file server. But server theft isn’t … Read more

According to the mid-year data breach report, published by the Identify Theft Resource center, the number of data breaches in the US have hit a 6 month record high of 791. Compared with figures from 2016, this represents a 29% jump in the number of reported breaches. Should this trend continue, it is estimated that the total number of breaches in 2017 could rise to a staggering 1,500. The ITRC … Read more

Peep show became a huge hit in the mid-2000s, partly due to the cringe-inducing story lines, the hilarious comedic timing of Mitchell and Webb and the amount of times we all agreed with the inner monologues of Mark Corrigan. You wouldn’t think that there would be any real-world IT security lessons that could be taken from this show, but you’d be wrong. One of the many charms of Peep Show … Read more

Active Directory controls access to your critical systems and data, so is the ultimate target for hackers because it holds the keys to your entire kingdom. Here are 10 steps you can take to ensure that your business stays protected. 1.Physical security Domain controllers (DCs) should be placed in a physically secure location. Once physical access is gained, protections you have in place can potentially be overridden. 2.Deploy RODCs where … Read more

Half way through writing an article about how the number of high profile data breaches in 2017 has been an increase on last year, yet another monumental, yet avoidable, leak takes place. This time, sensitive and personal information of millions of transporters in Sweden, along with much of the military secrets of Swedish government, was allegedly leaked by the Swedish government themselves. This incident is set to be one of … Read more