3 Ways Data Discovery and Classification Improves Data Security

Simply put, data discovery is the process of locating where your data resides within your core infrastructure, databases and siloes. Classification is then the process of labelling that data logically to give context and an understanding of the type of information itself. For example, a file containing passport details could effectively be labelled as PII (personally identifiable information) and … [Read more...]

Is GDPR Working to Increase Data Security?

It’s been almost five months since the GDPR was enforced and, on the face of it, the world took notice and realized the importance of compliance. Regulatory bodies and governments even began to make their own data protection regulations tighter in line with the new requirements, such as the UK government did with the Data Protection Act. With the GDPR, in effect, up and running, you would expect … [Read more...]

Automation is the Key to Effective Cybersecurity

The word “cyber-criminal” conjures up a picture of a computer nerd, sitting alone in their basement, iterating through passwords in an attempt to gain access to some top-secret files. However, these days, the reality is that many “cyber-criminals” are actually just automated bots seeking vulnerable systems to exploit. If we are to tackle the issue of cyber-crime, we need automated solutions in … [Read more...]

Why Privileged Accounts Are A Gateway to Cyber Attacks

Thanks to more widespread reporting in mainstream media outlets, it is no longer rare to hear about data breaches causing serious damage to your organization. We are also finding that it is becoming more common to hear about cyber-attacks perpetrated by people from within the organization than from outside hackers. This is because your users, and in particular your most privileged users, are the … [Read more...]

Do Disabled and Deleted Accounts in SharePoint Create a Security Risk?

Many organizations, at some point in time, require contractors or third-parties to work alongside their employees on particular tasks. To ensure that they have access to everything within the system that they require to do their job, they are awarded the required privileges through a user account in Active Directory. They can then collaborate with employees in the organization through SharePoint … [Read more...]

How Data Access Governance Compliments Privileged Access Management

It’s that time of year when you might be expecting many of your employees (some of which will be privileged users) to take some well-earned holidays. In their absence, much of the work is delegated to other members within the organization or even to contractors in some cases. In the case of your privileged users, for this to happen, often temporary access needs to be provided. Managing this … [Read more...]

How Active Directory is Evolving in 2018

Active Directory has long been a go-to platform for many organizations for centralized user account information. Because of its wide adoption, it has become a high value target for attackers – often attempting to steal credentials and elevate their privileges for access to the most sensitive data. As per a recent Forrester report on the State of Microsoft Active Directory 2018, there are a few key … [Read more...]

Top 10 Signs That Your System Has Been Compromised

Advanced Persistent Threats (APTs) rely on our inability to detect, alert and respond to any indicators that may suggest that our system has been compromised. Such indicators include; unusual account activity, traffic patterns, registry changes, and anomalous file and folder activity. Below are the top 10 different ways to tell if your system has been compromised. 1. Suspicious Privileged Account … [Read more...]

The Difference Between Windows Active Directory and Azure AD

Apart from the obvious difference in on-premise vs cloud location, there are many more nuanced differences between Windows Active Directory and Azure AD. Due to the changing nature of how organizations interact with data, Microsoft were pretty much forced to create a cloud-based directory, using completely different code bases and with completely different purposes. This means that you cannot … [Read more...]

5 Steps for Developing a Successful Data Access Governance (DAG) Program

Unstructured data (which includes emails, PDFs, documents, presentations, intellectual property and any other data that may exist beyond the scope of your application or database) is fast becoming a prime target for cyber-criminals. To ensure that your unstructured data is sufficiently protected, you will need a Data Access Governance (DAG) program. A common issue, however, is that organizations … [Read more...]