<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2923012&amp;fmt=gif">

Two Factor Authentication for Office 365 (Part 1)

Password complexity has been touted for some time to prevent identity theft. Especially in an Active Directory environment. Typical password complexity rules in Active Directory are:

  • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
  • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
  • Base 10 digits (0 through 9)
  • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
  • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
Read More

AWS Security Best Practices: Decoding the Shared Security Model

Navigating today’s threat landscape and ensuring security in the public cloud is more important than ever. When it comes to AWS security best practices, businesses must start with an understanding of the AWS Shared Responsibility Model. Unfortunately, many companies don’t fully understand that shared model and who is responsible for what,  despite the AWS clear statement:

Read More

Creating an IT Security Strategy

Editor’s note: This article is an excerpt from the Essential Guide to IT Security Strategy.

Businesses in the digital age can no longer rely on disconnected security tools, alongside robust protocols and policies, to avoid increasing IT security threats. The development of a proactive and multidimensional strategy for securing data and your organization’s IT infrastructure is built on well-developed security policies, and overall strategy. However, the first step toward developing that security strategy is to conduct a thorough and in-depth threat assessment.

Read More

Patch Management Best Practices for Critical Vulnerabilities

With the recent Spectre and Meltdown flaws sending a wave of disruption across IT and all business communities, the scope of the problem continues to unfold. Either one or both of the flaws are present in Intel chips from the last 15 years embedded in countless processors running PCs, servers, and phones.

Read More

4 Security Risks of Shadow IT

According to Gartner’s Top 10 Cloud Security Predictions, by the year 2020, a third of all successful attacks on businesses will be against their shadow IT resources. Businesses can no longer ignore the risks of shadow IT and must take preventative steps against it.

Read More

5 Types of IT Security Threats Facing Businesses

According to the Verizon 2017 Data Breach Investigations Report, 51 percent of breaches included some form of malware. While malware in all of its forms is a pervasive threat, what most businesses should be focusing on is that there are numerous cyber threats that they need to guard against.

Read More

5 Ways to Overcome IT Security Threats

Cybersecurity has become a frequently used term in business these days.

Whether you hear it in the news or in a meeting, most people are aware that businesses everywhere, and every size, are being targeted by cyber criminals. Just recently companies such as Equifax, Netflix, Sonic, and Yahoo! found their names in the headlines as the latest victims. However, the smaller companies that are also victims hardly get a mention even though they account for 43 percent of all incidents, which cost them an average of $879,582 in damages.  

Read More

Preventing Malware: WSUS vs. SCCM

The Microsoft Windows Security Blog recently made it clear that WannaCrypt ransomware was leaving systems vulnerable to infiltration because of poor patch management. Despite this often-repeated truth, far too many organizations are still leaving vulnerabilities that fall short of preventing malware.

Read More

How to protect your company from an Equifax type security breach

Last week, the former CEO of Equifax testified in front of the house energy and commerce committee regarding the massive data breach that his company fell victim to earlier this year. This breach caused the exposure of approximately 143 million U.S. consumers personal and financial information.

In his testimony, Richard Smith explained that the breach was caused by the failure of a single individual to properly communicate and act on a patch to a critical vulnerability.

“Both the human deployment of the patch and the scanning deployment did not work,” Smith told Congress. “The protocol was followed.”

Read More

Crowdstrike Security Services: Malware and Ransomware Protection

Today, organizations are faced with the unique challenge of protecting critical assets and data from a more diverse and broad set of threats than ever before. Advanced malware and ransomware targeting the endpoint continues to evolve and morph at an incredibly fast rate.

Read More