Archive for the ‘Data Security’ Category

In 2016, a lot of emphasis was put on organizations protecting themselves against external security threats – especially in the light of high profile security breaches, including the FBI and World Anti-Doping Agency. However, most enterprise security executives in 2016 experienced a higher amount of attempted theft or corruption of data from internal sources rather than external ones. With this in mind, don’t repeat the same mistakes in 2017 that … Read more

Keeping the Active Directory secure is a time-consuming task that demands constant vigilance. The increasing strictness of regulatory compliances and the development of new threats from both inside and outside the IT environment have made the task even harder. Regular and pro-active audits will help administrators better understand changes being made to their critical systems – but often organizations fail to see the value and importance of this. In this … Read more

With insider security threats on the rise, and the increasing strictness and regularity of compliance mandates, auditing critical IT systems on a regular basis is an important part of the IT team’s job. Effective auditing will help you to fix IT problems faster and give you a better understanding of what’s happening in your IT environment. We recently ran a survey, aimed mostly at System Administrators in the USA, to … Read more

July and August carried on the trend in 2016 of an increased amount of awareness and attention being placed on IT security threats – both from the inside and outside. It has emerged that external security breaches affected high profile organisations such as Amazon, HSBC and the UK railway network. But as the focus on defending against external breaches increases, can the same be said of internal threats? Here’s a … Read more

Whilst many organizations give high priority to protecting themselves against outside security threats like hackers, a high proportion aren’t even aware that they may be at risk from the inside. When employees, ex-employees, business partners or associates leak, sell, or manipulate sensitive information either by accident or maliciously the organization may suffer. Financial losses and reputation may get affected irreparably, especially if the information contains intellectual property, business secrets, and … Read more

A few weeks ago, InfoSecurity – Europe’s largest Information Security industry event – took place in London and we at Lepide exhibited our auditing and monitoring solution for the first time. Now that we have had time to collect our thoughts we thought it would be a good idea to share what we learnt from talking to some of the industry’s experts. What we learnt is that, despite evidence of … Read more

Unless you’ve been living under a rock you will have undoubtedly have heard of the Panama Papers leak that has affected many of the world’s rich and famous. Now that the immediate aftermath of the biggest data leak in history has passed, and more details concerning the leak have been revealed, it would be a good time to go through what actually happened and why it is important. The leaked … Read more

There are many reports of ex-employees trying to sabotage the IT assets of the organization through unauthorized accesses and misuse of data. Also, there are many instances of ex-employees using some critical data related to their past work for reference purposes (usually in their current organization or for a new job search) without being concerned about the security issues or without actually realizing them. Though no evidences are available, many … Read more

Inactive accounts in the Active Directory should strike fear in the hearts of IT admins. They may appear harmless as they lay dormant, unused and inactive, but they are an open invitation for anyone looking to compromise an organization’s security. Why do inactive accounts matter—aren’t they harmless? Inactive accounts may appear docile but they can cause fatal damages to an organization, especially when they are not disabled or when they … Read more

Passwords have for a very long time been used to prove identity and authenticate user access to resources. As time has gone by, to increase security we have made password requirements more complex and frequently changing passwords a necessity. However, in the pursuit of better security we have ignored the very fact that made password-based security preferable over other approaches – its simplicity. Asking for increasingly complex passwords and then … Read more