Enterprise Network Security Blog from ISDecisions

Active Directory User Login History – Audit all Successful and Failed Logon Attempts

Active Directory User Login History – Audit all Successful and Failed Logon Attempts

The ability to collect, manage and analyze logs of login events has always been a good source of troubleshooting and diagnostic information. Logons are the one common activity across nearly all attack patterns. They provide one of the clearest indicators of compromise to help protect company data and thwart attacks. The need to provide a … Continued

UK politician password-sharing — maybe the security industry has been giving out the wrong advice?

UK politician password-sharing — maybe the security industry has been giving out the wrong advice?

A few days ago, a news story broke saying that many of the UK’s political leaders have been publicly (and almost proudly) proclaiming their own particularly poor passwords habits on Twitter. MP Nadine Dorries admits she regularly shouts the question…

Permissions, Accounts or Logons. Where do you draw the line in Least Privilege?

Permissions, Accounts or Logons. Where do you draw the line in Least Privilege?

  Captain Picard (from Star Trek: The Next Generation) has been known to produce some pretty memorable quotes. One such quote comes from an episode where the Federation is fighting the Borg, with Captain Picard saying (in reference to where…

Get Employee Logon Data through Webhooks

Get Employee Logon Data through Webhooks

With the launch of UserLock 9.6, organizations can now add the value of domain logon management to existing IT systems through an innovative use of webhooks. Webhooks — also known as ‘web callbacks’ or ‘HTTP push APIs’ — are a…

What’s Least Privilege Really All About?

What’s Least Privilege Really All About?

As we finish the upcoming whitepaper ‘Least Privilege and the Value of User Logon Management‘, we began thinking about how organizations may see the point of least privilege as being different things. We all know, at a minimum, the implementation…

External Attacks – It’s All About the Logon

External Attacks – It’s All About the Logon

It’s tough to come up with an effective counter-measure to external attacks when you can’t see your enemy. While there are plenty of stories in the news of how a certain company fell prey to a very specific attack, it’s hard to translate that into an actionable response. So, you walk through the “usual suspects” … Continued

Are You Just Waiting for a Compromise?

Are You Just Waiting for a Compromise?

The modern IT organization is well aware that compromises (in the form of both external attacks and insider threats) are more an issue of when than if. You’ve put up some defensive security solutions – AV, endpoint protection, email scanning, etc. – all in an effort to minimize the threat potential. But, beyond that, what … Continued

Why a decline for data breach costs is still not good enough

Why a decline for data breach costs is still not good enough

According to a recent study by international security research company, the Ponemon Institute, the average total cost of a data breach has declined by 10% globally. While it is encouraging to learn that global costs of data breaches have decreased,…

The convenience of single sign-on services (SSO) without compromising security

The convenience of single sign-on services (SSO) without compromising security

From an end user’s perspective, single sign on is a great idea. You log into one platform, which gives you access to multiple applications, programs and sites, with no need to log into each one individually. It’s convenient, quick and…

UserLock now supports both Windows and Mac computers

UserLock now supports both Windows and Mac computers

Today IS Decisions are pleased to announce a significant update to its flagship solution UserLock. UserLock 9.5 is the first version of the software in the company’s history to secure user logins from Mac computers. The launch comes at a time…

Lessons from the NHS: A bitter pill to swallow

Lessons from the NHS: A bitter pill to swallow

The WannaCry cyber-attack, which took place earlier this month, has made headlines all over the world over in recent weeks. Already documented as the biggest ransomware attack in history, the hackers shut down IT systems worldwide, with a staggering 75,000…

Orange Is The New Hack: Lessons from yet another ransomware attack

Orange Is The New Hack: Lessons from yet another ransomware attack

Post-production company, Larson Studios, which is responsible for hit Netflix shows such as Orange Is The New Black, is the latest victim of ransomware. Those responsible stole 10 episodes from the upcoming season five of the jail drama hit series and threatened to release them online unless a ransom was paid. When these demands were … Continued

Changing your password regularly makes you less safe, apparently

Changing your password regularly makes you less safe, apparently

Here’s an interesting view. According to Paul Edmonds, head of tech at the National Cyber Crime Unit, changing your password regularly makes you less safe. Not more. That’s a surprising opinion given we’re always being told to change our passwords regularly to keep attackers at bay. It’s the equivalent of changing the locks. If a … Continued

How are you performing at access security?

How are you performing at access security?

Take part in our Active Directory Access Security Survey  We recently showed you how Hollywood blockbusters and classic TV series could have improved access security. Now it’s your turn to shine. We’d like your opinions on your challenges with Active Directory to manage…

File Access Auditing on Windows Servers

File Access Auditing on Windows Servers

The launch of FileAudit 5.2 continues to simplify folder and file access auditing on Windows Servers and help organizations guard against improper access, alteration or the destruction of sensitive data. A complete picture of access events FileAudit 5.2 finds the…

Credential Theft in Education. Protect your Institution against a Data Breach.

Credential Theft in Education. Protect your Institution against a Data Breach.

Cyber security news site, Dark Reading, recently reported on the news that millions of stolen and fake email credentials from across 300 of the largest universities in the US were available to buy on the Dark Web. The stolen and…

What companies can learn from the alleged Apple hack

What companies can learn from the alleged Apple hack

According to a report from Motherboard, a group of hackers is attempting to extort one of the most well-known companies in the world — Apple. The blackmailing is over alleged access to a collection of stolen user credentials for iCloud…

The misuse and compromise of any Active Directory users identity

The misuse and compromise of any Active Directory users identity

Earlier this month, Dark Reading reported that Active Directory mis-management by administrators is currently exposing a whopping 90% of businesses to cyber breaches. The research made by Skyport concluded that should an administrator’s password become compromised, the “blast radius will reach nearly every system in the enterprise“. It’s true — an administrator’s password that falls into the … Continued

Secured By miniOrange