Enterprise Network Security Blog from ISDecisions

Taking a Proactive Approach to Avoid Data Breaches

Taking a Proactive Approach to Avoid Data Breaches

  It seems like IT’s general approach to any kind of attack – which includes data breaches – is a reactive one. Think about it, in every kind of attack-related scenario – whether an external attack, an insider threat, malware infection, ransomware attack, etc. – the “business as usual” methodology is to detect the attack/infection … Continued

How are Data Breaches Detected

How are Data Breaches Detected

Sometimes the challenge with data breaches is to know they ever happened at all. Take these examples from the 2017 headlines: Company Breach Discovered Breach Occurred Verifone January 2017 mid-2016 Brooks Brothers May 2017 April 2016 – March 2017 California…

Does Meeting Compliance Include File Servers?

Does Meeting Compliance Include File Servers?

Those of you reading this are likely working in industries with compliance mandates around protecting specific data types from misuse. And, like most businesses today, you’re probably using some kind of industry-specific set of applications that host that data –…

Why is the Education Sector a Target for Cyberattack?

Why is the Education Sector a Target for Cyberattack?

Year over year, the same industry verticals seem to remain at the top of just about every analyst briefing, industry report, and infographic that are about security, threats, and attacks. Commonly, you repeatedly see Retail, Finance, Healthcare, and Education. But why?…

Active Directory User Login History – Audit all Successful and Failed Logon Attempts

Active Directory User Login History – Audit all Successful and Failed Logon Attempts

The ability to collect, manage and analyze logs of login events has always been a good source of troubleshooting and diagnostic information. Logons are the one common activity across nearly all attack patterns. They provide one of the clearest indicators…

UK politician password-sharing — maybe the security industry has been giving out the wrong advice?

UK politician password-sharing — maybe the security industry has been giving out the wrong advice?

A few days ago, a news story broke saying that many of the UK’s political leaders have been publicly (and almost proudly) proclaiming their own particularly poor passwords habits on Twitter. MP Nadine Dorries admits she regularly shouts the question “What is my password?” across the office, and after her being criticised on Twitter, MP … Continued

Permissions, Accounts or Logons. Where do you draw the line in Least Privilege?

Permissions, Accounts or Logons. Where do you draw the line in Least Privilege?

  Captain Picard (from Star Trek: The Next Generation) has been known to produce some pretty memorable quotes. One such quote comes from an episode where the Federation is fighting the Borg, with Captain Picard saying (in reference to where they must fight the Borg), “The line must be drawn here! This far, no further!” … Continued

Get Employee Logon Data through Webhooks

Get Employee Logon Data through Webhooks

With the launch of UserLock 9.6, organizations can now add the value of domain logon management to existing IT systems through an innovative use of webhooks. Webhooks — also known as ‘web callbacks’ or ‘HTTP push APIs’ — are a…

What’s Least Privilege Really All About?

What’s Least Privilege Really All About?

As we finish the upcoming whitepaper ‘Least Privilege and the Value of User Logon Management‘, we began thinking about how organizations may see the point of least privilege as being different things. We all know, at a minimum, the implementation…

External Attacks – It’s All About the Logon

External Attacks – It’s All About the Logon

It’s tough to come up with an effective counter-measure to external attacks when you can’t see your enemy. While there are plenty of stories in the news of how a certain company fell prey to a very specific attack, it’s…

Are You Just Waiting for a Compromise?

Are You Just Waiting for a Compromise?

The modern IT organization is well aware that compromises (in the form of both external attacks and insider threats) are more an issue of when than if. You’ve put up some defensive security solutions – AV, endpoint protection, email scanning,…

Why a decline for data breach costs is still not good enough

Why a decline for data breach costs is still not good enough

According to a recent study by international security research company, the Ponemon Institute, the average total cost of a data breach has declined by 10% globally. While it is encouraging to learn that global costs of data breaches have decreased, the fact remains that hugely disruptive data breaches are still happening alarmingly frequently all over … Continued

The convenience of single sign-on services (SSO) without compromising security

The convenience of single sign-on services (SSO) without compromising security

From an end user’s perspective, single sign on is a great idea. You log into one platform, which gives you access to multiple applications, programs and sites, with no need to log into each one individually. It’s convenient, quick and hassle free. But as of recent news, it’s also been proved to be a big … Continued

UserLock now supports both Windows and Mac computers

UserLock now supports both Windows and Mac computers

Today IS Decisions are pleased to announce a significant update to its flagship solution UserLock. UserLock 9.5 is the first version of the software in the company’s history to secure user logins from Mac computers. The launch comes at a time…

Lessons from the NHS: A bitter pill to swallow

Lessons from the NHS: A bitter pill to swallow

The WannaCry cyber-attack, which took place earlier this month, has made headlines all over the world over in recent weeks. Already documented as the biggest ransomware attack in history, the hackers shut down IT systems worldwide, with a staggering 75,000…

Orange Is The New Hack: Lessons from yet another ransomware attack

Orange Is The New Hack: Lessons from yet another ransomware attack

Post-production company, Larson Studios, which is responsible for hit Netflix shows such as Orange Is The New Black, is the latest victim of ransomware. Those responsible stole 10 episodes from the upcoming season five of the jail drama hit series…

Changing your password regularly makes you less safe, apparently

Changing your password regularly makes you less safe, apparently

Here’s an interesting view. According to Paul Edmonds, head of tech at the National Cyber Crime Unit, changing your password regularly makes you less safe. Not more. That’s a surprising opinion given we’re always being told to change our passwords…

How are you performing at access security?

How are you performing at access security?

Take part in our Active Directory Access Security Survey  We recently showed you how Hollywood blockbusters and classic TV series could have improved access security. Now it’s your turn to shine. We’d like your opinions on your challenges with Active Directory to manage ‘access’ risks. Tell us what’s important to you, what other third-party tools you may use, … Continued

Secured By miniOrange