Why Group Policy Auditing is Important

It will come as no surprise that Windows out of the box isn’t secure. Many of the vulnerabilities that exist within Windows can be addressed through Group Policy Objects (GPOs). Group Policy allows administrators to control the working environment of both user and computer accounts. If used correctly, GPOs can, for example, allow you to work towards a policy of least privilege where users have … [Read more...]

5 Active Directory Changes You Need to Audit

Active Directory is a critical part of any organization’s IT infrastructure. Unwanted changes in Active Directory could result in potentially disastrous consequences for the security of data. Changes to user accounts, passwords, group memberships and more could lead to excessive permissions and increased risk of privilege abuse. For those reasons, and more, it is essential that you continuously … [Read more...]

4 Common Challenges with Auditing Your IT Environment (and How to Solve Them)

We have spoken with countless IT professionals, from CISOs to System Administrators, and we always ask them what their biggest challenges are with data security and auditing in general. Whether you’re performing your audit internally, of you are an external consultant, you may face numerous challenges that prevent from being successful. In this blog, I have combined the four most common audit … [Read more...]

3 Ways Monitoring Exchange Online Improves Security

Regardless of where you host of your email, whether it’s by a 3rd party or internal, it is by far one of the most common entry points for external attacks into your systems and data. Because of its importance when it comes to data security, monitoring Exchange Online is critical if you are to ensure its security. More and more organizations are now choosing to host their emails in the … Read … [Read more...]

What is a Brute Force Attack? The Complete Guide

A brute force attack is essentially a way of guessing a password, or gaining access to something locked, simply by repetitive, trial and error-based guesswork. It is essentially the cyberattack equivalent of trying out every combination on a keypad to a locked room, hoping that eventually you’ll find the right one. This might sound like a fairly unsophisticated attack, but it is a popular one with … [Read more...]

What is User Activity Monitoring and How Should You Implement it?

What Does User Activity Monitoring Mean? User Activity Monitoring (UAM) solutions are software tools that essentially track monitor and alert on the activity and overall behavior of your users. The most common application of user activity monitoring tools is in the detection and prevention of insider threats. The simple fact is; your users are the most likely source of a data breach in your … [Read more...]

How LepideAuditor Can Help Companies Comply With CCPA

The California Consumer Privacy Act (CCPA) is a new data protection bill that will come into effect on the 1st of January 2020. The CCPA is designed to give Californian citizens more control over how their personal data is stored and processed. The CCPA applies to any for-profit company that collects, stores and trades personal data belonging to Californian residents. Under the CCPA, companies … [Read more...]

Aggregating & Auditing Data from Multiple Cloud Services Using a DCAP Solution

Accordingly to a recent report by rightscale.com, 93% of organizations are using cloud computing in some form or another. This is hardly surprising as cloud solutions are becoming increasingly more affordable and easier-to-use. These days, companies can actually save money by switching to the cloud, as they don’t need to manage and maintain their own infrastructure, which would require … [Read more...]

Why Auditing Office 365 Natively Isn’t Enough

More than three quarters of enterprises have at least one application (or a portion of their enterprise computing infrastructure) in the cloud. In fact, enterprises predict that their cloud spending will exceed $3.5 million in 2018. These statistics, taken from the 2018 Cloud Computing Study, would certainly suggest that the previous concerns surrounding cloud cybersecurity are becoming less … [Read more...]

How LepideAuditor Can Help to Protect Active Directory

Should an attacker gain access to your Active Directory (AD), you could find yourself in a lot of trouble as AD serves as the gatekeeper to your critical assets. It is imperative that you have as much visibility as possible so that you can quickly recognise and respond to any suspicious behaviour that takes place on your network. Sure, AD will generate event logs which you can scrutinize in order … [Read more...]