Office 365 Data Loss Prevention Tips

Over the past fifteen years, we’ve seen a relatively consistent increase in the number of annual data breaches. We’ve also seen an increase in the number of stringent data privacy laws being introduced across the globe, and a failure to comply with these laws may result in large fines being levied against the non-compliant organization. That said, 2020 has actually seen a decrease in … [Read more...]

Cyber-Security vs Cyber-Resilience

While the difference between cyber-security and cyber-resilience might not be obvious to some, the implications of failing to address both are significant. In simple terms, cyber-security describes an organization’s ability to protect themselves from security threats, such as malware, phishing, DDoS, SQL injection and insider threats. Cyber-resilience, on the other hand, focuses more on … [Read more...]

Data Security Risk Assessment Checklist

Carrying out regular data security risk assessments is vital to establishing current security gaps and recommending remediations for breach prevention. Many compliance regulations mandate risk assessments as part of a comprehensive security strategy. What is a Data Security Risk Assessment? Data risk assessments can be broken down into three fundamental steps. First, identifying what the risks are … [Read more...]

Microsoft Teams Security, Tips and Best Practices

Remote working and COVID-19 have accelerated the use of Microsoft Teams over the last 12 months. As a collaboration and sharing platform, MS Teams has been a savior to many remote working teams. However, not unlike other collaboration and sharing platforms, MS Teams does have a number of security vulnerabilities that security and IT teams need to understand and address. In this blog, we will go … [Read more...]

Best Practices for a Cybersecurity Audit

Cybersecurity audits help organizations establish whether their current cybersecurity practices, policies and tools are up to the task of keeping their data and systems secure. However, cybersecurity audits can be tricky to do on a regular basis when you aren’t sure exactly what to look for. In this blog, I will go through some best practices for your cybersecurity and internal audit to give you … [Read more...]

Microsoft Office 365 Security Recommendations: How Lepide Helps

With increasingly more people working from home as a result of the ongoing coronavirus pandemic, many organizations have been switching to Microsoft Office 365, and other cloud-based collaboration platforms to help streamline their business operations. However, there are a number of security implications that need to be considered before doing so, and organizations need be aware of the … [Read more...]

What is Sensitive Data and How Do You Protect it?

Sensitive data is any data that, if exposed to the general public, would incur some form of cost to the organization who is entrusted with the data. Such costs may include breach notification costs, loss of revenue from system downtime, loss of customers due to reputational damage, costs associated with redress and reparation, and possibly even costs associated with lawsuits and fines. Examples of … [Read more...]

What are DCSync and DCShadow Active Directory attacks?

As you probably know already, a domain controller is a server that responds to security authentication requests within a Windows Server domain. A DC will host the Active Directory Domain Services (AD DS) database, which is used to manage users and computers and authenticate them to other services on the same domain. Both DCSync and DCShadow attacks are what are referred to as “late-stage … [Read more...]

Controlling the Blast Radius of an Attack

It should come as no surprise to hear that the faster you can identify and contain a security incident, the less costly it will be, hence why it is crucial that any organization that stores large amounts of valuable data has a tried and tested incident response plan (IRP) in place. Yet, as much as 77% of companies don’t have a formal IRP, according to a recent IBM survey. Of … Read … [Read more...]

Why Transparency and Traceability Are Important Traits for Data Security

Knowing what data we have, where it is located, how it is being accessed, and by who, is crucial to ensure that we are able to adequately protect it. We need as much transparency as possible into the security controls that are in place, and whether or not those security controls are effective. Having visibility into all areas of our system, enables us to be more proactive, rather than reactive. … [Read more...]