Upcoming Webinar       The Complete Guide to Ransomware [Updated for 2022]       26th May, 2PM EDT      Register Now
Archive for the ‘General’ Category

A data steward is an individual appointed by an organization, whose role is to ensure that any data they collect and store meets certain standards in terms of its quality and relevancy and to ensure that they have the necessary policies in place to keep it secure and accessible. This includes establishing agreed-upon data definitions and data quality rules and ensuring that all employees and relevant stakeholders adhere to those … Read more

A business glossary is essentially a list of terms used by a business, including their definitions, and any other relevant information. The purpose of a business glossary is to create a standardized, unambiguous vocabulary used by all members of an organization. To illustrate why this is important, consider the term “customer”. This could refer to either an individual or an organization, which might result in miscommunications, skew business logic and … Read more

Digital media assets such as documents, images, videos, software are valuable content whose loss or unauthorized use could cause significant loss to the owners and copyright holders. Therefore, they require protection from people who may want to exploit them for their gain. This is often a challenge due to the digital nature of storage and delivery of these assets. This is where digital rights management or DRM comes in. Digital … Read more

In network security, lateral movement is best described as a technique, strategy, or process that cybercriminals use to gain access and progressively move deeper into a network searching for valuable and sensitive data and high-value assets. After the initial entry to a network through a phishing or malware attack on an endpoint, the attacker begins infiltration of the network by impersonating a legitimate user. They continue the attacks by gathering … Read more

The Local Security Authority (LSA) Subsystem Service is a process in Microsoft Windows that verifies logon attempts, password changes, creates access tokens, and other important tasks relating to Windows authentication and authorization protocols. Microsoft Windows is and has always been, a prime target for cyber-criminals. The obvious reason for this is because it is the most popular operating system. Cyber-criminals will try numerous techniques to gain access to a Windows … Read more

Both SharePoint and OneDrive are products developed by Microsoft and are included in the Microsoft 365 suite (formally known as Office 365). They both offer file storage and file-sharing capabilities and are used by a large number of businesses and schools across the globe. However, unlike SharePoint, OneDrive has a version that is free for personal use, and all you need to get started is a Microsoft Online account. In … Read more

A Security Operations Center (SOC) is a unit within an organization whose role is to continuously monitor, analyze and improve the organization’s security posture. The SOC will typically work around the clock in order to safeguard sensitive data and comply with the relevant data privacy regulations. The SOC will also be required to investigate, remediate, and report on security incidents, which includes working closely with the incident response team (assuming … Read more

Azure AD is a popular cloud-based directory and identity management service, developed by Microsoft. While it is essentially based on Active Directory, Microsoft’s on-premises identity management solution, Azure AD provides a number of additional features and benefits, which we will cover in this article. To summarize, Azure AD is cost-effective, easy-to-use, and can be integrated into a wide range of platforms and applications, both on-premise and ‘in-the-cloud’. It provides a … Read more

If there’s anything positive we can take from the ongoing health crisis, it’s that the traditional “9 to 5” office-based working environment has been disrupted, and, to some extent, replaced with a more flexible and remote model. Of course, this paradigm shift was inevitable, but there’s no harm in accelerating the process. According to the following blog post, 31% of employees want a more flexible approach to work. Given that … Read more

  An information security policy (ISP) is arguably the most important cybersecurity policy an organization can have. Essentially, an ISP defines the protocols and procedures for identifying, evaluating, mitigating, and recovering from security threats. An ISP is data-centric, in that its main objective is to protect data confidentiality, integrity, and availability (known as the CIA triad). An ISP will cover a broad range of areas including access control, data classification, … Read more