News, discussion and expertise on IT Management. We focus on the specific but important gaps in managing the security of Microsoft Windows and Active Directory Infrastructures.

IT Management

Comments Off on Taking a Proactive Approach to Avoid Data Breaches

Taking a Proactive Approach to Avoid Data Breaches

Taking a Proactive Approach to Avoid Data Breaches

  It seems like IT’s general approach to any kind of attack – which includes data breaches – is a reactive one. Think about it, in every kind of attack-related scenario – whether an external attack, an insider threat, malware infection, ransomware attack, etc. – the “business as usual” methodology is to detect the attack/infection … Continued

Comments Off on Does Meeting Compliance Include File Servers?

Does Meeting Compliance Include File Servers?

Does Meeting Compliance Include File Servers?

Those of you reading this are likely working in industries with compliance mandates around protecting specific data types from misuse. And, like most businesses today, you’re probably using some kind of industry-specific set of applications that host that data – a health information management system in a healthcare setting, for example. So, your compliance focus … Continued

Comments Off on Lessons from the NHS: A bitter pill to swallow

Lessons from the NHS: A bitter pill to swallow

Lessons from the NHS: A bitter pill to swallow

The WannaCry cyber-attack, which took place earlier this month, has made headlines all over the world over in recent weeks. Already documented as the biggest ransomware attack in history, the hackers shut down IT systems worldwide, with a staggering 75,000 attacks in 99 countries. However, of those impacted, the organisation which has been given the … Continued

Comments Off on What companies can learn from the alleged Apple hack

What companies can learn from the alleged Apple hack

What companies can learn from the alleged Apple hack

According to a report from Motherboard, a group of hackers is attempting to extort one of the most well-known companies in the world — Apple. The blackmailing is over alleged access to a collection of stolen user credentials for iCloud and other Apple email accounts. The ‘Turkish Crime Family’ hackers have demanded $75,000 in either … Continued

Comments Off on Tracking or restricting overtime with America’s prospective labor laws

Tracking or restricting overtime with America’s prospective labor laws

Tracking or restricting overtime with America’s prospective labor laws

As Barack Obama prepares for retirement, all eyes are on America as its 45th president, Donald Trump, takes over. Before he passed on the baton to his successor, Obama attempted to overhaul legislation surrounding overtime pay. This law would have significantly raised the salary cap under which workers were entitled to earn overtime, meaning the … Continued

, , , , , Comments Off on User security compliance – Where industries are getting compliance badly wrong.

User security compliance – Where industries are getting compliance badly wrong.

User security compliance – Where industries are getting compliance badly wrong.

When it comes to data security, regardless of your industry sector, you’re likely to have to deal with compliance regulations. If you’re in the legal industry, there is the Law Society’s Lexcel standards. If you handle cardholder data, you’ll have to comply with PCI DSS. And if you work in healthcare, there are guidelines from … Continued

, , , Comments Off on IT manager at a school or university? You’ve got your work cut out for you

IT manager at a school or university? You’ve got your work cut out for you

IT manager at a school or university? You’ve got your work cut out for you

If you’re responsible for IT security at a school, college or university, I don’t envy you. You have a tough job. Not only do you need to keep out the usual external threats like viruses, trojan horses, hackers and the like from your network; you need to ensure that you protect against students’ own blasé … Continued

, Comments Off on How to reduce the risk of Insider Threat in Healthcare

How to reduce the risk of Insider Threat in Healthcare

How to reduce the risk of Insider Threat in Healthcare

Towards the end of 2014 all we seemed to hear about in the technology media was the latest nugget of information to come out of the Sony Hack. The stories mostly concerned celebrities and highlights of who happened to be the biggest divas in Hollywood, along with some embarrassing email chains involving comments from senior … Continued

Comments Off on MeriTalk Insider Job. Actions to Minimize the Risk of Insider Threat

MeriTalk Insider Job. Actions to Minimize the Risk of Insider Threat

MeriTalk Insider Job. Actions to Minimize the Risk of Insider Threat

Released today, MeriTalk’s Inside Job. The Federal Insider Threat Report surveyed 150 Federal IT managers on insider threat. The new report examines actions agencies should take to minimize risk and cyber incident consequences. The consequences are real. In the past year, nearly half of Federal agencies were targets of insider threats and nearly one in three (29 percent) … Continued

, , , Comments Off on HIPAA unique user identification in a Windows System

HIPAA unique user identification in a Windows System

HIPAA unique user identification in a Windows System

Healthcare is one of the most information intensive industries in society today, with patient data naturally being of a very sensitive nature, and the handling of that data often very complex. So to help protect this information, US medical organizations must adhere to HIPAA (Health Insurance Portability and Accountability Act), a set of regulations enforced … Continued

Secured By miniOrange