Stopping Legitimate Login Credentials being used for Security Breaches

Stopping Legitimate Login Credentials being used for Security Breaches

Many data breaches involve the use of legitimate login credentials. Guarding against these ‘insider threats’ means better protecting all authenticated users access to the network, and the sensitive information within. The Threat from Human and Authenticated Users There is now widespread recognition that the insider threat is very serious but in most sectors there is insufficient … Continued

HIPAA Access Control

HIPAA Access Control

Access control is the first Technical Safeguard Standard of the HIPAA Security Rules. It is described in HIPAA compliance as the responsibility for all healthcare providers to allow access only to those users (or software programs) that have been granted access…

Five Ways to Never Trust, Always Verify, in Zero-Trust IT

Five Ways to Never Trust, Always Verify, in Zero-Trust IT

Is your IT like an M&M? Does your security have a hard, crunchy exterior and soft, chewy interior? The following is a guest post from Andy Doyle at PNL Tools, a leading UK based, professional services provider and IT reseller that work…

Concurrent Session Control in Healthcare for CMS compliance

Concurrent Session Control in Healthcare for CMS compliance

“UserLock is the only solution on the market that allows our organisation to fulfill the CMS compliance requirements for its government contracts. It is absolutely critical to our business in this respect, but brings with it numerous other benefits in…

A Failure to Enforce Unique Employee Logins for ISO 27001 Compliance

A Failure to Enforce Unique Employee Logins for ISO 27001 Compliance

The legal and law enforcement sector is risking compliance and security issues by failing to provide and enforce unique employee logins. Our latest report ‘Legal and Law Enforcement: Information Access Compliance‘ found that despite requirements by regulation global standard ISO 27001, 31% of…

How an Insider Threat Assessment Can Help You Uncover Gaps in Protection

How an Insider Threat Assessment Can Help You Uncover Gaps in Protection

The following is a guest post from Greg Cullison, Senior Executive of Security, Stability & Insider Threat Programs at Big Sky Associates The issue of ‘Insider Threat’ may be one that has recently crossed your desk. If so, you are aware that insiders can cause harm in ways that are not as easy for outsiders … Continued

Growing Access Management Responsibilites for 2016

Growing Access Management Responsibilites for 2016

Access management responsibilites are extending. There are more and more reasons people need access to information to do their jobs. And it’s not just employees. The ‘extended enterprise’ means your supply chain, your partners and even your customers need access, or temporary access, to sensitive information such as company data, financial data, patient data and personal data. … Continued

Why creating a culture of security awareness is crucial in tackling insider threat

Why creating a culture of security awareness is crucial in tackling insider threat

Last month was European Cyber Security Month (ECSM), and this year’s theme was ‘Cyber Security is a Shared Responsibility’, reflecting the notion that cyberspace cannot be secured without the help of all users. Meanwhile, Week 2’s topic ‘Creating a culture of…

File System Auditing

File System Auditing

Rated as “highly recommended” by WindowSecurity.com and given its Gold Award, FileAudit 5 greatly simplifies the critically important job of monitoring and auditing access to folders and files across Windows File Systems.  Access to Sensitive Files There’s hardly a day that goes by that we don’t…

Technical Safeguards HIPAA & IS Decisions

Technical Safeguards HIPAA & IS Decisions

HIPAA’s Security Rule divides its protections into three “safeguard” categories: technical, administrative and physical. This post outlines how both UserLock and FileAudit help meet different security requirements of the HIPAA technical safeguards and better protects patient data. What are Technical Safeguards The Technical Safeguards…

Better Understanding the Insider Threat

Better Understanding the Insider Threat

The fact is that many, if not most, security breaches involve internal users, and this risk is known as ‘Insider Threat’. Creating a culture of cybersecurity within and for your employees is paramount in helping to safeguard your company against…

Secure Remote Access to an Exchange 2013 Mailbox with UserLock 8

Secure Remote Access to an Exchange 2013 Mailbox with UserLock 8

Unauthorized access to users’ Exchange 2013 mailbox is a key security concern for many organizations. In a previous article (that we advise you to read first), we explained how UserLock 7 can control remote access to Exchange 2010 mailbox through either Outlook Web Access (OWA) or ActiveSync. In this article we will outline how UserLock … Continued

IS Decisions receives the Label France Cybersecurity for UserLock

IS Decisions receives the Label France Cybersecurity for UserLock

Following a general review of the French government’s cybersecurity plan, IS Decisions was one of 18 companies awarded quality labels as a further assurance to users that their systems are effectively protected from cyber threats. A Quality Label for French Cybersecurity Solutions France Cybersecurity is a national association where industry professionals, end users and government experts … Continued

The wonderful thing about healthcare compliance

The wonderful thing about healthcare compliance

“The wonderful thing about standards is that there are so many of them to choose from.” — Rear Admiral Grace Murray Hopper, pioneering computer scientist Despite HIPAA’s security rules imposing restricted access to electronic patient information and increased recent pressure…

Healthcare Compliance Report – Data Security Posture

Healthcare Compliance Report – Data Security Posture

IS Decisions report Healthcare: Data access compliance, highlights several issues that have a direct effect to security of information within the healthcare industry. The report follows a narrative of a user’s employment from what happens when they start employment, through the…

Protecting Files from Unauthorized Access

Protecting Files from Unauthorized Access

FileAudit, which enables IT professionals to proactively monitor access to company-sensitive files and folders on Windows systems in real time, has received a major update. The latest version, FileAudit 5, includes three significant new features to better protect files from…

MeriTalk Insider Job. Actions to Minimize the Risk of Insider Threat

MeriTalk Insider Job. Actions to Minimize the Risk of Insider Threat

Released today, MeriTalk’s Inside Job. The Federal Insider Threat Report surveyed 150 Federal IT managers on insider threat. The new report examines actions agencies should take to minimize risk and cyber incident consequences. The consequences are real. In the past year, nearly…

HIPAA unique user identification in a Windows System

HIPAA unique user identification in a Windows System

Healthcare is one of the most information intensive industries in society today, with patient data naturally being of a very sensitive nature, and the handling of that data often very complex. So to help protect this information, US medical organizations must adhere to HIPAA (Health Insurance Portability and Accountability Act), a set of regulations enforced … Continued