News, discussion and expertise on IT Security and the biggest security risks in today’s organizations. Focused on Microsoft Windows and Active Directory Infrastructures we look to address the prevention of security breaches, ensuring regulatory compliance and responding to IT Emergencies.

IT Security

Comments Off on Stand Down, Marketers: Zero Trust is Not a Product

Stand Down, Marketers: Zero Trust is Not a Product

Stand Down, Marketers: Zero Trust is Not a Product

Thanks to relentless marketing, Zero Trust is quickly turning into another buzzword. It’s time security professionals claim to the term. Once and for all: Zero Trust is not a product, it’s a security strategy. While a product or service can indeed be part of a Zero Trust security strategy, no single product can satisfy all … Continued

Comments Off on Meet Salesforce MFA Requirements via SSO With Active Directory Identities

Meet Salesforce MFA Requirements via SSO With Active Directory Identities

Meet Salesforce MFA Requirements via SSO With Active Directory Identities

This article explains how UserLock can deliver SSO and MFA access to Salesforce from anywhere for on-premise Active Directory identities. In response to the global threat landscape, Salesforce now requires multi-factor authentication (MFA) for all logins. While Salesforce has enabled MFA on direct Salesforce logins, MFA is also a contractual requirement for users who access … Continued

Comments Off on Master Your Data Lifecycle to Improve Data Security

Master Your Data Lifecycle to Improve Data Security

Master Your Data Lifecycle to Improve Data Security

  A data lifecycle is hard to pin down. Depending on your industry or profession, what makes up a data lifecycle can vary widely. For example, Harvard Business School claims there are eight data life cycle stages. But some count only seven stages, and some just five. When it comes to cybersecurity, a more concrete, … Continued

Comments Off on Is It Paranoia If It’s Real? Know These Insider Threat Indicators

Is It Paranoia If It’s Real? Know These Insider Threat Indicators

Is It Paranoia If It’s Real? Know These Insider Threat Indicators

“Just because you’re paranoid doesn’t mean they’re not out to get you.” More than just a great Nirvana lyric, this also sounds like an apt mantra for modern-day cybersecurity. Because if administrators are feeling paranoid these days, it’s for good reason. External attacks abound, and insider threats tend to fly under the radar until it’s … Continued

Comments Off on Why Using SMS Authentication for 2FA Is Not Secure

Why Using SMS Authentication for 2FA Is Not Secure

Why Using SMS Authentication for 2FA Is Not Secure

Two-factor authentication (2FA) is now a part of daily life, and most of us have had first-hand experience with SMS authentication. You enter your password, then you get a prompt to enter a code or pin that’s sent to your phone number. After you type in the code, you’re in. Simple, right? We all have … Continued

Comments Off on Stop the Frustration and Risk of Unchecked Access to Files and Folders

Stop the Frustration and Risk of Unchecked Access to Files and Folders

Stop the Frustration and Risk of Unchecked Access to Files and Folders

Following the recent updates to FileAudit, we discuss how automated responses to file moves, deletions and other access events can help SMBs, and the MSPs that service them, protect sensitive data from theft, alteration and loss. Have you ever been asked to find out who moved years of archived PDF files, who deleted important client … Continued

Comments Off on Hybrid Cloud Storage Protection for MSPs

Hybrid Cloud Storage Protection for MSPs

Hybrid Cloud Storage Protection for MSPs

Cyber threats such as ransomware, identity theft, and data exfiltration, which traditionally target on-premise resources are now a growing problem for cloud storage services. As companies continue to deploy resources to the cloud, the need to address these additional security challenges is a major concern. Data security and compliance Everybody knows how the cloud has changed how businesses … Continued

Comments Off on MFA and Cyber Liability Insurance: Understand the MFA Insurance Requirement

MFA and Cyber Liability Insurance: Understand the MFA Insurance Requirement

MFA and Cyber Liability Insurance: Understand the MFA Insurance Requirement

Cyber liability insurance (also known as cyber insurance) is driving a long-overdue improvement in user access security. Multi-factor authentication (MFA) is fast becoming a cyber insurance requirement for all accounts, privileged and non-privileged, to protect on-site and remote access.  Here’s a quick guide to understanding the MFA insurance mandate. Not a requirement in previous cyber … Continued

Comments Off on Addressing User Access in IT Security Compliance

Addressing User Access in IT Security Compliance

Addressing User Access in IT Security Compliance

The risks of non-compliance are not worth taking. You face fines and even imprisonment — not to mention that non-compliance could lead to a serious data breach that might ultimately lose you clients and damage your reputation. But addressing the murky waters of compliance has never been an easy task, and as regulators add more … Continued

Comments Off on RDP Gateway MFA

RDP Gateway MFA

RDP Gateway MFA

Multi-factor authentication (MFA) for Remote Desktop Gateway and RDP connections should be very high on your security to-do list. Some or even your entire workforce might now be dispersed but their access to company networks still needs to be protected. Here we look at why a second factor of authentication is recommended to protect remote … Continued

Secured By miniOrange