Archive for the ‘Security’ Category

Audit changes to Group Policy to stay secure and provide continuity of IT services. Group Policy is a critical component of Windows Server Active Directory (AD). It can be used to manage the user and system configuration of servers and end-user devices, including registry settings, user environment setup, security, and software configuration. As a powerful tool that can help organizations standardize system configurations across their environment, it also comes with … Read more

According to Symantec’s 2016 Internet Security Threat Report, 43% of cyber-attacks target small businesses. In both the UK and US, small and medium-sized businesses (SMBs) account for approximately 99% of all businesses. To make matters worse, SMBs are usually less equipped to defend themselves against cyber-attacks due to the limited resources available to them. Additionally, cyber-attacks in the SMB sector are more likely to go unnoticed for longer periods of … Read more

The most valuable data in your organization is likely to be held in Active Directory (AD), databases, and on file servers. We often pay a lot of attention to securing AD and databases but file servers should also be appropriately secured. Here are my top 10 tips for keeping file servers protected. 1. Physical security Don’t let somebody walk out the door with your file server. But server theft isn’t … Read more

According to the mid-year data breach report, published by the Identify Theft Resource center, the number of data breaches in the US have hit a 6 month record high of 791. Compared with figures from 2016, this represents a 29% jump in the number of reported breaches. Should this trend continue, it is estimated that the total number of breaches in 2017 could rise to a staggering 1,500. The ITRC … Read more

Peep show became a huge hit in the mid-2000s, partly due to the cringe-inducing story lines, the hilarious comedic timing of Mitchell and Webb and the amount of times we all agreed with the inner monologues of Mark Corrigan. You wouldn’t think that there would be any real-world IT security lessons that could be taken from this show, but you’d be wrong. One of the many charms of Peep Show … Read more

Active Directory controls access to your critical systems and data, so is the ultimate target for hackers because it holds the keys to your entire kingdom. Here are 10 steps you can take to ensure that your business stays protected. 1.Physical security Domain controllers (DCs) should be placed in a physically secure location. Once physical access is gained, protections you have in place can potentially be overridden. 2.Deploy RODCs where … Read more

Half way through writing an article about how the number of high profile data breaches in 2017 has been an increase on last year, yet another monumental, yet avoidable, leak takes place. This time, sensitive and personal information of millions of transporters in Sweden, along with much of the military secrets of Swedish government, was allegedly leaked by the Swedish government themselves. This incident is set to be one of … Read more

Organizations around the world are still cleaning up the devastation left behind by Petya and the WannaCry ransomware, with damage ranging from minor inconvenience to complete shutdowns of company operations. Hackers are taking the lessons learned from Petya and WannaCry to create new variants that improve the ability to move undetected between devices using the EternalBlue exploit, or in other words, the vulnerability in the Server Message Block (SMB) 1.0 … Read more

What is HIPAA compliance? HIPAA, the Health Insurance Portability and Accountability Act, is the standard for ensuring that sensitive patient data is protected. Any company dealing with protected health information (PHI) must comply to this regulation by ensuring that all the required physical, network and process security measures are in place and followed. Companies that transmit or maintain health information, such as the NHS in the UK, must ensure they … Read more

According to Verizon’s 2017 Data Breach Investigations Report, 25% of data breaches involve insiders. And in 60% of cases, insiders take data to sell later, or 15% to a new employer or to start a rival company. Data theft doesn’t necessarily require any technical skill if users already have access to the information they need, and can be detected or prevented using logging, monitoring large data transfers and removeable USB … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.