How to Classify Data in Office 365

Organizations have a tendency to hoard large amounts of unstructured data, some of which may contain data that is confidential, such as credit card numbers, passport numbers, health-related information, and so on. When I say, “unstructured data”, I’m talking about data that doesn’t fit into a traditional relational database, with rows, columns, and keys. Such data might include Word … [Read more...]

On-Premise vs Cloud Data Storage: Pros and Cons

Even before the current health crisis began to unfold, many executives and IT personnel have been debating about the practicalities and implications of storing and processing sensitive data in the cloud. Using cloud services for the storage and processing of valuable data is understandably tempting, as it allows organizations to eliminate numerous costs and responsibilities. There are, however, … [Read more...]

What Are Office 365 Groups?

Office 365 Groups are similar to the security groups we see in Active Directory, however, they come with some additional benefits, which we will explore. Firstly, let’s clarify what a “group” actually is. What is an Office 365 Group? A group is a bit like a container which users are placed in. Each group will have a set of permissions assigned to it, which determine how the users … [Read more...]

AWS Security Management and Best Practices

Amazon Web Services (AWS) has become one of the most popular cloud service providers on the market. As with most reputable cloud providers, AWS is relatively easy to use, scalable, affordable and flexible. They typically provide reliable encryption and security features, and various collaboration services that can help organizations streamline their business operations. However, when using any … [Read more...]

Active Directory Security Best Practices

Attackers are persistent in their pursuit to compromise Active Directory services due to their role in authorizing access to critical and confidential data. As organizations expand, their infrastructure becomes increasingly more complex, which makes them a lot more vulnerable to attack as it is harder to keep track of important system changes, events and permissions. It’s also becoming a lot … [Read more...]

Auditing Administrator Access Rights in Active Directory

IT administrators require elevated rights in Active Directory to carry out certain tasks, a fact that we can’t deny. However, should an attacker gain access to a user account in AD with admin-level privileges, they will have free reign to do pretty much anything they choose. They can potentially download a database containing large amounts of PII, or access folders containing valuable … [Read more...]

Active Directory Security Groups Best Practices

Active Directory security groups are used to give users or groups access to certain resources. If your Active Directory security groups are mis-configured or compromised, then your sensitive data could be at risk. In this article, I’m going to go through some best practices for your Active Directory security groups to ensure that you can maintain the security of your AD. Ensure Default Security … [Read more...]

What Are Active Directory Security Groups?

98% of security threats start with Active Directory. Active Directory literally holds the keys to your kingdom. If the right security principles aren’t set up and you are giving excessive permissions to your users, you are leaving yourself exposed to potential security threats. Within Active Directory, there are numerous security protocols to choose from to implement a policy of least privilege … [Read more...]

Hardening Active Directory and Securing Unstructured Data Stores

Unstructured data is any data that is not stored in a pre-defined schema, and can include Word, text and PDF documents, photos, videos, MP3s, emails, data obtained via social media platforms and various types of personal data. According to a forecast by the IDC, 80 percent of global data will be unstructured by 2025. Unlike a relational database, for example, unstructured data can be difficult to … [Read more...]

Are Healthcare Providers Getting Worse at Preventing Data Breaches?

I would love to tell you that we’re making progress when it comes to minimizing the number of data breaches affecting healthcare service providers across the globe, but unfortunately, it doesn’t appear to be the case. In fact, the evidence from 2019 suggests that we may well be getting worse… In 2018, we recorded 503 healthcare related data breaches, with approximately 15 million … [Read more...]