Enterprise Network Security Blog from IS Decisions

Make data security even easier with FileAudit 6.5, now in beta

Make data security even easier with FileAudit 6.5, now in beta

  Calling all beta testers! Download FileAudit 6.5 today for a better way to spot issues faster, improve security, and stay compliant. FileAudit simplifies Windows file monitoring and auditing across files and folders on Windows servers and in the cloud. With this latest beta release, FileAudit 6.5 helps IT teams get even more visibility and … Continued

How AI makes password-based authentication even weaker (and what to do about it)

How AI makes password-based authentication even weaker (and what to do about it)

Passwords have long been the first line of defense for securing digital accounts and protecting sensitive information. And while it’s no surprise that passwords are vulnerable to attacks, AI makes password-based authentication even weaker. On one hand, AI is helping…

UserLock wins Product of the Year (Identity and Access Management) from Redmond

UserLock wins Product of the Year (Identity and Access Management) from Redmond

We’re pleased to announce that UserLock places first in the Identity and Access Management (IAM) category in Redmond magazine’s 2023 Product of the Year Awards. Redmond magazine, the leading independent voice of the Microsoft IT community, has recognized UserLock as…

SAML vs. OpenID vs. OAuth vs. LDAP: Decoding SSO Protocols

SAML vs. OpenID vs. OAuth vs. LDAP: Decoding SSO Protocols

Each time you enjoy the streamlined experience of logging into various apps using just one set of credentials, you’re likely crossing paths with SAML. This key technology powers single sign-on (SSO). This process of single sign-on is where the SAML…

Azure MFA Server vs. Azure AD MFA: What’s the difference?

Azure MFA Server vs. Azure AD MFA: What’s the difference?

With Microsoft’s announcement to discontinue MFA via the Microsoft MFA server and a rebranding to Microsoft Entra ID (formerly Azure AD), many organizations are at a crossroads: embrace the cloud-based Azure AD (now Microsoft Entra ID) MFA or maintain on-premise…

Is there a business case for cloud repatriation?

Is there a business case for cloud repatriation?

In the ever-evolving landscape of IT infrastructure, the pendulum often swings between embracing the cloud and reconsidering the benefits of on-premise solutions. This phenomenon, known as cloud repatriation, continues to spark discussion among organizations seeking the optimal balance between cost-effectiveness, security, and performance. While high-profile cases like 37signals have documented substantial savings by moving back … Continued

The new FTC MFA requirement: Here’s what auto dealers need to know

The new FTC MFA requirement: Here’s what auto dealers need to know

After the FTC’s latest update to the Gramm-Leach-Billey Act (GLBA), any organization, including auto dealerships, that processes and stores customers’ personal financial data must meet several compliance requirements as of June 9, 2023. A key part of those requirements: a data security program with identity and access management support, including MFA. The new FTC MFA … Continued

How MFA prevents man-in-the-middle (MiTM) phishing attacks

How MFA prevents man-in-the-middle (MiTM) phishing attacks

For cybercriminals, the appeal of phishing is simple: it’s reliable. At no cost, attackers can target as many employees as they want to gain access to a user account. It’s a numbers game, and they need only fool a single…

Two-factor authentication in schools: The essential guide

Two-factor authentication in schools: The essential guide

Like any other sector, education heavily relies on digital infrastructure, making it a hot spot for malicious activities. Check Point’s 2022 Mid-Year Report reinforces the urgency to secure educational institutions, highlighting a crazy 44% surge in cyber-attacks specifically aimed at…

What is TISAX certification? Here’s what you need to know

What is TISAX certification? Here’s what you need to know

When Tesla’s model S came out in 2015, Elon Musk called it “a very sophisticated computer on wheels.” With cars increasingly more electronic device than machine, car makers are starting to act like software companies. We see a prime example…

A guide to the (revised) FTC Safeguards Rule’s new FTC MFA requirement

A guide to the (revised) FTC Safeguards Rule’s new FTC MFA requirement

According to the FTC’s latest update to the Gramm-Leach-Billey Act (GLBA), many organizations now face new compliance requirements, including the FTC MFA requirement. In an effort to protect sensitive consumer data and curtail rampant data compromises, the FTC recently revised…

Why 2FA for financial services is (still) so important

Why 2FA for financial services is (still) so important

The large-scale cyber attack on JP Morgan Chase in 2014 exposed the vulnerability of financial institutions’ digital infrastructure. As a result of the historic attack, hackers gained access to the personal information of 76 million households and 7 million small businesses. The blow to the bank’s reputation was significant, and swift. Beyond the immediate financial … Continued

UserLock named winner of selective Expert Insights award

UserLock named winner of selective Expert Insights award

We’re pleased to announce UserLock has won Expert Insights’ Editor’s Choice award in the Identity and Access Management category. Expert Insights is a leading resource for cybersecurity news, research and analysis. Their highly-selective Editor’s Choice award, limited to just six IAM solutions, recognizes UserLock as a Summer 2023 Editor’s Choice. This award highlights solutions that Expert Insights … Continued

Best 2FA authenticator apps with push notifications of 2023

Best 2FA authenticator apps with push notifications of 2023

Between remote work and evolving cyber threats, an additional layer of security beyond the password is not a “nice to have.” One of the most effective methods to safeguard your user accounts is two-factor authentication (2FA). 2FA requires users to…

Quickly approve 2FA push notifications with the UserLock Push App

Quickly approve 2FA push notifications with the UserLock Push App

  Curious about UserLock 2FA push notifications via the UserLock Push app? Here’s how push notifications make MFA frictionless for your team. MFA is a must for security, but it can’t get in the way of your team’s productivity. As…

Simplify MSP licensing and billing with the UserLock MSP console

Simplify MSP licensing and billing with the UserLock MSP console

Learn how the UserLock MSP Console simplifies your MSP licensing and billing. We’re pleased to announce the public release of the MSP console for UserLock. Now, managed service providers (MSPs) can easily administer UserLock licenses from our intuitive, web-based licensing management…

Windows Domain 2 Factor Authentication (2FA)

Windows Domain 2 Factor Authentication (2FA)

Windows domains and Active Directory (AD) makes it easy for administrators to control a large number of business PCs and devices from a central location. Today, a huge percentage of enterprises continue to rely on Windows domain AD to manage assets,…

Six steps to multi device security in the age of BYOD

Six steps to multi device security in the age of BYOD

Why does bring your own device (BYOD) worry IT managers? It all comes down to a wider base of devices gaining access to network resources. But with remote and hybrid work here to stay, employees asking to use their own devices for work is now commonplace. So, what what are the risks? And how can IT managers … Continued

Why UserLock? Compare UserLock alternatives

Why UserLock? Compare UserLock alternatives

UserLock is an access management and multi-factor authentication (MFA) solution created by IS Decisions. It offers IT teams enhanced protection, control, and visibility over user access in Windows Active Directory and cloud environments. UserLock provides a solution for key zero-trust concerns such as unauthorized access and data breaches. Easy to install, it integrates seamlessly with … Continued

A guide to MFA prompt frequency: How often should you require MFA?

A guide to MFA prompt frequency: How often should you require MFA?

Every year, cybercriminals have more opportunities to exploit vulnerable user accounts and gain unauthorized access to corporate networks. Stolen or compromised credentials pose one of the largest financial threats to organizations, at around $4.5m per data breach. Compromised login credentials…

How to evaluate common multi-factor authentication (MFA) methods

How to evaluate common multi-factor authentication (MFA) methods

MFA is an organization’s best defense against the increasing cost of data breaches. The question for savvy IT pros is not if to apply MFA, but how? A key part of how you apply MFA is the method you choose…

Securing Active Directory logins in remote work environments

Securing Active Directory logins in remote work environments

  The boom in working from home is a bonanza for cyber attackers. Each time an employee connects to the corporate network from their home they create an access point that can often be exploited. With Windows Active Directory (AD)…

Why cyber awareness training is essential for your employees

Why cyber awareness training is essential for your employees

Cybersecurity, IT governance and data security are the number one business risk in 2023. As cybercriminals become more sophisticated with their attacks, it’s tempting to point fingers at who, or what, seems responsible. The reality is more nuanced. We need…

How to protect MFA against brute force attacks

How to protect MFA against brute force attacks

Multi-factor authentication (MFA) undeniably boosts security – this much we know for sure. Yet it remains a complex technology that often ends up being a trade-off between security and convenience. Attackers know this, betting that defenders will either fail to apply MFA widely enough or will make mistakes when implementing it. We’re seeing more and … Continued

The future of multi-factor authentication (MFA)

The future of multi-factor authentication (MFA)

Today’s increasingly frequent and costly cyber threats underscore the importance of securing access to organizational assets. Around 70% of successful data breaches originate from stolen credentials or phishing attacks, demonstrating how weak access security offers cybercriminals an easy route into corporate networks. Multi-Factor Authentication (MFA) plays a key role in the defense against cyber attacks. … Continued

6 ways to beat MFA fatigue attacks

6 ways to beat MFA fatigue attacks

Multi-Factor Authentication (MFA) has long been recommended as the most effective way for organizations to reduce the risks that arise from password compromise. Correctly implemented, attackers find it anything from inconvenient to impossible to bypass. With MFA, it can seem…

UserLock vs Thales (SafeNet Trusted Access)

UserLock vs Thales (SafeNet Trusted Access)

Securing system access through user authentication tools is essential to prevent data loss and security breaches. These tools confirm the identities of users who access cloud applications and user accounts, allowing access to only authorized individuals. Among the many potential…

Causes of data leaks & how to prevent them

Causes of data leaks & how to prevent them

We all want to feel confident that our critical data isn’t falling into the wrong hands. But as data becomes currency, cyber attacks on sensitive information are all the more common. In 2022, more than 400 million U.S. citizens were…

Understanding user provisioning and deprovisioning

Understanding user provisioning and deprovisioning

Managing access to enterprise networks is a critical aspect of information security. Under the ongoing and severe threat of data breaches, organizations must employ sufficient identity and access management (IAM) to safeguard their systems. Proper user provisioning and deprovisioning is…

Protect your business: the importance of corporate cyber security

Protect your business: the importance of corporate cyber security

According to Forbes, cyber security joins inflation and recessions as one of the 10 biggest threats to businesses in 2023. As widespread cyber attacks continue to dominate headlines, organizations are no longer treating corporate cyber security as just an IT problem. An overview of corporate cyber security A recent Gartner report showed that 88% of … Continued