Data Security & Compliance Blog

It is surprising how few people are aware that any time you load up a website or connect with another person online, your connection gives your “address” to that site/person. Naturally, when faced with this information, a lot of people are not happy with it. A combination of cyber security and general privacy concerns requires most schools, organizations and a lot of the general public to adopt proxy servers. So, … Read more

Active Directory (AD) is pretty much the go-to domain authentication services for enterprises all over the world and has been since its inception in Windows Server 2000. Back then, AD was pretty unsecured and had some flaws that made it particularly difficult to use. For example, if you had multiple domain controllers (DCs), they would compete over permissions to make changes. This meant that you could be making changes and … Read more

Universal Plug and Play (UPnP) is something that all of us have probably come into contact with without even realizing it. If you’ve ever bought a new printer and noticed that your computer, phone and tablet are all able to recognize the device automatically, you’ve lived UPnP. If you fancy playing that song from your phone a little louder by broadcasting it to Alexa or some other wireless speaker, that’s … Read more

Active Directory security groups are used to give users or groups access to certain resources. If your Active Directory security groups are mis-configured or compromised, then your sensitive data could be at risk. In this article, I’m going to go through some best practices for your Active Directory security groups to ensure that you can maintain the security of your AD. Ensure Default Security Groups Do Not Have Elevated Permissions … Read more

98% of security threats start with Active Directory. Active Directory literally holds the keys to your kingdom. If the right security principles aren’t set up and you are giving excessive permissions to your users, you are leaving yourself exposed to potential security threats. Within Active Directory, there are numerous security protocols to choose from to implement a policy of least privilege where you are only granting administrative access to those … Read more

When discussing information security trends in the event of a recession, the problem is that we are heading into uncharted waters. The number of annual data breaches have been constantly rising since 2005. We are also seeing an increase in the number of data breaches following the housing market crash of 2008, which is what we would expect, as cyber-criminals never let a crisis go to waste. Given the increase … Read more

Let’s face it, 2020 hasn’t got off to a great start. The coronavirus pandemic, which has so far infected more than 550,000 people globally, has forced Governments across the globe to effectively shut down large parts of their economies, with citizens in many countries being required to stay at home. The travel industry has been badly damaged due to the travel restrictions, and we’ve already seen a historic surge in … Read more

The spread of Coronavirus and the associated illness, COVID-19, is all anybody is talking about right now – and for good reason. COVID-19 is changing the way enterprises are operating, forcing many employees to work from home in a bid to practice social distancing and limit the spread of the disease. The full effects of the pandemic to businesses and the general public are yet to be realised, with the … Read more

According to a recent survey, 74% of breaches involved access to a privileged account, and yet many organizations are still failing to take the steps necessary to prevent the abuse of privileged credentials. Ensuring that privileged accounts are secure requires Identity and Access Management (IAM) – a term used to describe the process of managing digital identities and controlling what assets those identities are allowed access to. IAM consists of … Read more

According to a recent survey by Syncsort, there are inconsistencies relating to how confident companies are about the strength of their cyber-security posture, and how well they actually fare when it comes to protecting their systems and data. 85% of the respondents expressed confidence in their ability to stave off cyber-security threats, while 41% admitted to suffering a security breach. Additionally, 20% of respondent said they didn’t know if they … Read more