5 Security and Compliance Improvements with Exchange 2013 SP1

Microsoft released service pack 1 (SP1) for Exchange Server 2013 in February, ahead of the Microsoft Exchange Conference (MEC) in Austin, Texas. Many companies refuse to consider upgrading before the release of SP1, when it’s believed the product is finally “finished”, while other organizations are moving to subscription services such as Microsoft Office 365 to … Continued

Live Webinar: Top 5 Critical Changes to Audit in Microsoft SharePoint

Microsoft SharePoint has found its way to many IT environments just like yours, and for many organizations it has already become a critical service. Regardless of SharePoint deployment size and maturity, absence of proper change documentation and audit can lead to a serious risk to the organization’s regulatory compliance, confidentiality of sensitive data, or business … Continued

Why You Need to Ensure Administrators Change Passwords Regularly

The first time I really felt like I was a system administrator was when the Unix systems administrator in the IT unit I worked for at an Australian University went on leave for three months. During this time I was responsible for all of the servers that he had managed, which included all minor departmental … Continued

Accidental Security Breaches

Many people (particularly non-technical people) believe that the biggest security issues stem from external sources.  Certainly anyone who has watched the news lately and seen companies targeted for their credit card information would agree.  TV and Movies are other great sources of incredibly entertaining (and impossible) attacks against all sorts of companies and facilities. While … Continued

Network Auditing vs NSA Surveillance

Last December, Microsoft published an article on its official blog detailing steps the company planned to take to protect its customers’ data from government snooping. Written by Brad Smith, general counsel and executive vice president for Microsoft Legal & Corporate Affairs, the article promised additional encryption of data in transit and at rest, reinforced legal … Continued

HIPAA Settlements: The Largest One Could Have Been Prevented

The Health Insurance Portability and Accountability Act (HIPAA) has been around since 1996; that’s 18 years. Cyber criminals and data breaches continue to flourish, with headline cases breaking every couple of months. Yet too many organizations still fail at implementing the necessary level of network security and policy oversight to ensure that sensitive data is … Continued

Epic Fail: The Need for System Documentation

It’s not easy for me to admit failure! But anytime it can help someone learn a lesson, I’m more than willing to air my dirty laundry. I haven’t always been in IT. Many of you who have followed me on Spiceworks know that once upon a time I was a police officer. The biggest lesson I … Continued