Archive for the ‘Data Security’ Category

Unless you’ve been living under a rock you will have undoubtedly have heard of the Panama Papers leak that has affected many of the world’s rich and famous. Now that the immediate aftermath of the biggest data leak in history has passed, and more details concerning the leak have been revealed, it would be a good time to go through what actually happened and why it is important. The leaked … Read more

There are many reports of ex-employees trying to sabotage the IT assets of the organization through unauthorized accesses and misuse of data. Also, there are many instances of ex-employees using some critical data related to their past work for reference purposes (usually in their current organization or for a new job search) without being concerned about the security issues or without actually realizing them. Though no evidences are available, many … Read more

Inactive accounts in the Active Directory should strike fear in the hearts of IT admins. They may appear harmless as they lay dormant, unused and inactive, but they are an open invitation for anyone looking to compromise an organization’s security. Why do inactive accounts matter—aren’t they harmless? Inactive accounts may appear docile but they can cause fatal damages to an organization, especially when they are not disabled or when they … Read more

Passwords have for a very long time been used to prove identity and authenticate user access to resources. As time has gone by, to increase security we have made password requirements more complex and frequently changing passwords a necessity. However, in the pursuit of better security we have ignored the very fact that made password-based security preferable over other approaches – its simplicity. Asking for increasingly complex passwords and then … Read more

I was looking over the definition of secure the other day and found the following entry: v. fix or attach (something) firmly so that it cannot be moved or lost And then I applied it to security initiatives within IT. The goal aligns well; you want to fix (read: configure) your network so that the security controls you put in place doesn’t are not “moved or lost” – that is, … Read more

For users of the controversial adultery dating site Ashley Madison, July 15, 2015,  was a black day indeed. The Canadian organisation reported on that day that an eye-watering 37 million users had had their most personal of personal data leaked. An embarrassment of phenomenal magnitude for any site of its nature but an off-the-charts disaster for an organisation so reliant on secrecy.  A 9.7 GB encrypted file that hackers threatened … Read more

Organization’s computer systems hold sensitive information which can be conceded in various ways, like; malicious or unintentional actions, or through the failure of software or electronic components. Malicious attacks or cyber-attacks causes an immense amount of damage to organization’s integrity and security. Hacking of organization’s data through cyber-attacks are increasingly communal today. Cyber-attacks and their subsequent safety breaches are a part of swiftly growing international cyber hazard that outlays companies … Read more

Compromising Domain Controllers (DC) is equivalent to endangering the entire Active Directory. The logic behind this is simple—when an attacker gets access to the Domain Controller, he will be able to access and change everything related to the AD domain. A hacker who has got access to Domain Controllers may: cause damage to AD DS database access the security database and the information therein leak the security configuration information change … Read more

Are you a Windows administrator in charge of the IT network of the organization? There are chances that you make mistakes on many fronts. But don’t worry. You are not alone. We here will tell you the most common mistakes that IT administrators fall prey to. 1. Not planning IT infrastructure and resources As an administrator you can ignore planning only at your own peril. You are in charge of … Read more

Security Auditing of an enterprise – whether in an extremely large organization or a smaller one is one of the most important concern pertaining to protect your confidential or private data from hackers eyes. Unauthorized file access, falsification and even deletion and modification of files & folders has become a common phenomenon in organizations where it becomes difficult to audit events, track malicious user actions & monitor illegal access.