5 Best Managed Antivirus Solutions
Organizations maintain hundreds of workstations, servers, and mobile devices; they all need protection from ever-growing malware applications and attacks, including worm viruses, trojans, spyware, and ransomware. Successful security breaches can cost organizations in lost productivity, damaged reputations, penalties due to failed regulatory compliance, and customer attrition. According to a WSJ Pro Research survey, businesses with…
Top 10 Active Directory Service Accounts Best Practices
With Windows Active Directory, a range of different account types can be set up with the necessary permissions, access, and roles. These include service accounts, which are intended for use when installing applications or services on the operating system. Common types of Active Directory service accounts include built-in local user accounts, domain user accounts, managed…
What is SOX Compliance?
In 2002, Congress passed the Sarbanes-Oxley Act, named after its sponsors Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH-4). Instituted “to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws,” the Sarbanes-Oxley Act (commonly referred to as SOX) established a stricter protocol for internal controls…
What Is SIEM Software? Definition, How It Works, and How To Choose the Right Tool
The modern world is advancing in every respect, and technology is advancing even faster. And now that companies handle most of our confidential data, how can we be sure what we share is safe? To earn our confidence, companies must implement powerful security systems. Many use SIEM (Security Information and Event Management) tools to protect…
What Is Data Loss Prevention (DLP)?
Definition of Data Loss Prevention: Data loss prevention (DLP) refers to the process of safeguarding data to protect it against thefts and leaks. This is typically done through software identifying and monitoring sensitive data to ensure only authorized users are accessing it. DLP tools also help ensure those authorized users aren’t putting the data at…
4 Ways Cyberattackers Take Advantage of Mismanaged Permissions
If we’ve learned nothing else about cybercriminal organizations over the last few years, we know for certain these folks are experts on Microsoft security. They’re no longer simply opportunistically gaining access to your network; instead, they’re leveraging known vulnerabilities in operating systems and applications and using the very network they’ve compromised to assist them in finding their intended target…
No Need to Be Alarmed: Crafting an Effective Alert Strategy
The world may run on coffee, but it’s the alarm clock that gets us out of bed. It operates on a simple threshold. You set the time that’s important to you and receive an alert when that variable is true. Like your alarm clock, today’s tooling for web service alerting often operates on simple thresholds,…
Exploring the Use of DNS in Multi-Cloud Environments
The multi-cloud approach to modern IT means workloads—whether virtual machines, containers, or minimal applications—can be located on any one of multiple independent infrastructures; whether running simultaneously for fault-tolerance or when being moved between these. In a modern IT deployment, workloads can (and will) regularly move between cloud and onsite deployments, whether for price, maintenance, latency, or…
3 Reasons Why IT Isn’t Managing Permissions (Even Though They Should)
The core of your organization’s security stance is built on a massive number of individual permissions to both on-premises and cloud-based resources. With the increase in cyberattacks, concerns around insider threats, and the growing need to meet multiple compliance mandates centered around data security of various types of data, it seems like permissions should be…
What Is an Intrusion Detection System? Latest Types and Tools
Keeping your network safe from intrusion is one of the most vital parts of system and network administration and security. If your network is penetrated by a malicious attacker, it can lead to massive losses for your company, including potential downtime, data breaches, and loss of customer trust. An intrusion detection system (IDS) is a…
Everything You Need to Know About Active Directory and LDAP Authentication
Active Directory (AD) is one of the core pieces of Windows database environments. It provides authorization and authentication for computers, users, and groups, to enforce security policies across Windows operating systems. LDAP, or Lightweight Directory Access Protocol, is an integral part of how Active Directory functions. Understanding the role LDAP plays in the functioning of…
6 Best Splunk Alternatives
While Splunk may seem the obvious choice for log management and log analysis, some alternatives to Splunk are worth considering—many of which I believe lack disadvantages of Splunk and bring unique benefits to the table. Although no solution is perfect, and some will be better suited to your business’ individual needs than others, I feel…
SolarWinds Access Rights Manager Review
If you’re an admin, you’re likely already familiar with SolarWinds and its array of highly rated products suited for just about every aspect of IT management. But you might not be familiar with SolarWinds® Access Rights Manager (ARM). This software exists because it’s critical for you to manage and audit access rights across the system—the…
IDS vs. IPS: What’s the Difference?
Not all IT professionals are clear on IDS vs. IPS, even though these concepts are important for overall network security. Think of it this way: security alerts and responses go together. A burglar alarm won’t do you much good if it doesn’t somehow deter crime in progress. On the other hand, having the cops show…
10 Best Free and Open-Source SIEM Tools
A successful SIEM strategy is an investment—and sometimes costly. Managing SIEM is a resource-intensive process, requiring ongoing evaluations and adjustments to establish and maintain optimal performance. Despite this, going without a SIEM solution isn’t the answer, because this can leave you vulnerable to attack. Open-source SIEM and free SIEM tools can seem like the solution….
6 Best FREE Patch Management Software
Managing patches across numerous workstations and servers is no easy task. But despite the grievances many IT professionals have with patch management (there are too many patches to keep up with, patches can fail during implementation, etc.), practicing patch management is critical. Without proper patch management, you’re exposing your company to hundreds of thousands of…
6 Best File Integrity Monitoring Software
With the unrelenting news about security breaches, file integrity monitoring (FIM) software has become an indispensable tool for any organization. It helps improve data security, which is important for any company and shouldn’t be ignored. What Is File Integrity Monitoring? As opposed to other security measures, FIM solutions are specifically designed to monitor changes in…
What is a Data Breach? Ultimate Guide to Cyber Security Breaches
As organizations invest more heavily in their digital infrastructure, the consequences of data breaches and cybersecurity attacks have also increased. Research from the Ponemon Institute indicates that the average cost of a data breach in 2018 rose by 6.4% compared with the previous year to a total of $3.86 million. Related to that, the average…
How to Stop, Prevent, and Protect Yourself from a DDoS Attack
Distributed denial-of-service (DDoS) attacks are increasingly becoming a problem for global companies that have a significant portion of their business online. Knowing how to stop a DDoS attack is vitally important, especially considering that it can cost a business significantly in lost revenue. This might mean employing protection tools — my personal pick is Security…
Top 6 Common Types of Cyberattacks
As business technology and security systems continue to evolve, so do the tactics used by cybercriminals. In 2018, businesses worldwide lost $2.7 billion because of cybercrime, and research shows this number will continue to grow every year. These losses include ransoms paid to cyberattackers, fines, money paid for updates and repairs, and the costs associated…
Top 6 Active Directory Security Groups Best Practices
Active Directory is essentially a registry containing all the information about a network, including users, groups, computers and printers, and servers. Each of these things, whether physical or virtual, is considered an “object” in Active Directory, and has various attributes assigned to it, such as a name, number, or group membership. Active Directory is used…