Data Security & Compliance Blog

When discussing information security trends in the event of a recession, the problem is that we are heading into uncharted waters. The number of annual data breaches have been constantly rising since 2005. We are also seeing an increase in the number of data breaches following the housing market crash of 2008, which is what we would expect, as cyber-criminals never let a crisis go to waste. Given the increase … Read more

Let’s face it, 2020 hasn’t got off to a great start. The coronavirus pandemic, which has so far infected more than 550,000 people globally, has forced Governments across the globe to effectively shut down large parts of their economies, with citizens in many countries being required to stay at home. The travel industry has been badly damaged due to the travel restrictions, and we’ve already seen a historic surge in … Read more

The spread of Coronavirus and the associated illness, COVID-19, is all anybody is talking about right now – and for good reason. COVID-19 is changing the way enterprises are operating, forcing many employees to work from home in a bid to practice social distancing and limit the spread of the disease. The full effects of the pandemic to businesses and the general public are yet to be realised, with the … Read more

According to a recent survey, 74% of breaches involved access to a privileged account, and yet many organizations are still failing to take the steps necessary to prevent the abuse of privileged credentials. Ensuring that privileged accounts are secure requires Identity and Access Management (IAM) – a term used to describe the process of managing digital identities and controlling what assets those identities are allowed access to. IAM consists of … Read more

According to a recent survey by Syncsort, there are inconsistencies relating to how confident companies are about the strength of their cyber-security posture, and how well they actually fare when it comes to protecting their systems and data. 85% of the respondents expressed confidence in their ability to stave off cyber-security threats, while 41% admitted to suffering a security breach. Additionally, 20% of respondent said they didn’t know if they … Read more

The Lightweight Directory Access Protocol (LDAP) is an industry-standard application protocol used by Windows Server Active Directory (AD) to maintain directory services. Client devices and applications authenticate with AD using LDAP ‘bind’ operations. LDAP simple binds send user credentials over the network in cleartext. I.e. there is no encryption of the username and password. While AD supports simple binds, it is not a recommended approach. Applications that use LDAP simple … Read more

Password and account lockout policies in Active Directory needn’t be all or nothing. In this article, I’ll explain how to set password and account lockout policies for specific groups of users and some best practices you should follow in the process. Active Directory Account Policies Active Directory (AD) domains are configured by default with password and account lockout policies that apply to all user accounts in the domain. Each domain … Read more

Universal Plug and Play (UPnP) is something that all of us have probably come into contact with without even realizing. If you’ve ever bought a new printer and noticed that your computer, phone and tablet are all able to recognize the device automatically, you’ve lived UPnP. If you fancied playing that song from your phone a little louder by broadcasting it to Alexa or some other wireless speaker, that’s UPnP. … Read more

Active Directory (AD) is pretty much the go to domain authentication services for enterprises all over the world and has been since its inception in Windows Server 2000. Back then, AD was pretty unsecured and had some flaws that made it particularly difficult to use. For example, if you had multiple domain controllers (DCs), they would compete over permissions to make changes. This meant that you could be making changes … Read more

A few questions we get asked on a regular basis are “how do we compare with Varonis?” and “is Lepide an alternative to Varonis?” To answer this question, I’ve created this blog and, whilst I’ve tried to be as unbiased as I can, clearly, I have a favorite. It’s also important to know this blog is in many places anecdotal, created from information obtained either from direct customer feedback or … Read more