Archive for the ‘Security’ Category

According to a recent report by Bitglass, in 2016 there were 328 data healthcare data breaches reported in the US. That’s 60 more breaches than there were in 2015. An estimated 16.6 million US citizens were exposed as a result. The breaches were caused by various hacks, lost or stolen devices, and unauthorized disclosure of sensitive information. However, while the number of reported breaches are increasing, the overall number of … Read more

Misconfigured Domain Controllers (DCs) present a major security risk for Active Directory. To ensure that your Domain Controllers are configured correctly, you will need to closely review the default Domain Controller Policies, create Domain Controller GPOs (Group Policy Objects) and configure Group Policy Settings. Your policy will need to include patching and protecting Domain Controllers, and include an effective DC auditing strategy for monitoring and reporting changes to event logs. … Read more

Wonga, the British payday loan company, has fallen victim to a data breach affecting an estimated 270,000 customers. The stolen data includes names, addresses, phone numbers and bank account details – including the last four digits of customers’ bank cards. Shortly after the breach was discovered, Wonga began contacting customers and setup a dedicated help page and phone line to deal with inquiries. The firm said it was “urgently investigating … Read more

Attackers are persistent in their pursuit to compromise Active Directory services due to their role in authorising access to critical and confidential data. As organisations expand, their infrastructure becomes increasingly more complex, which makes them a lot more vulnerable to attack as it is harder to keep track of important system changes, events and permissions. It’s also becomes a lot harder for organisations to determine where their sensitive data is … Read more

Configuration drift is a naturally occurring phenomenon whereby configuration items (CIs), such as computers or devices on an organisation’s network, drift towards an inconsistent state. This problem occurs on both private and cloud-based networks. While there are a number of causes of configuration drift, it’s essentially the result of conflicting changes made to device’s, software, services and configuration files, which are not systematically monitored by the IT department. It is … Read more

In many organizations, servers are managed without any oversight, and this often leads to unwanted configuration changes. Here are three reasons why you should consider implementing change control in your business, no matter how large or small. Change control is a business process that aims to ensure a systematic approach is taken to making configuration changes to IT systems. But many organizations don’t have a process for managing IT change, … Read more

The GDPR is an EU regulation that will come into effect from 25 May 2018. The new directive aims to ensure that organisations have policies and procedures put in place to protect the data of EU citizens. Below is a checklist that is designed to assist organisations in complying with the GDPR. Awareness All employees, whether they are IT staff, executives, general administrators, consultants, sales and marketing executives, human resource … Read more

In this post, I’ll explain how Privileged Access Management (PAM) in Windows Server 2016 can be used to protect privileged credentials, and provide an outline of the solution’s architecture. It’s common to find IT staff assigned permanent domain administrator privileges, or others that are local administrators on devices used for managing the domain and sensitive systems, making it easier for malicious users to hack line-of-business systems. Adding users to privileged … Read more

Introduced in Windows Server 2008, Access-Based Enumeration (ABE) provides system administrators with an additional tool for protecting sensitive information on file servers. First available as an add-on package for Windows Server 2003 before being available out-of-the-box in Windows Server 2008, ABE prevents users from seeing files and folders to which they don’t have access, which might be useful in cases where folder names contain sensitive information, if the location of … Read more

There are three basic principles to consider when deciding how to provide access to sensitive data in a secure manner, namely: Confidentiality, Integrity, and Availability. These principals are collectively known as the CIA triad. Confidentiality The level of confidentiality will naturally determine the level of availability for certain data. Confidentiality is a question of how, and where, the data can be accessed. To ensure confidentiality, one must safeguard the data … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.