5 Security and Compliance Improvements with Exchange 2013 SP1

Microsoft released service pack 1 (SP1) for Exchange Server 2013 in February, ahead of the Microsoft Exchange Conference (MEC) in Austin, Texas. Many companies refuse to consider upgrading before the release of SP1, when it’s believed the product is finally “finished”, while other organizations are moving to subscription services such as Microsoft Office 365 to … Continued

Why You Need to Ensure Administrators Change Passwords Regularly

The first time I really felt like I was a system administrator was when the Unix systems administrator in the IT unit I worked for at an Australian University went on leave for three months. During this time I was responsible for all of the servers that he had managed, which included all minor departmental … Continued

Accidental Security Breaches

Many people (particularly non-technical people) believe that the biggest security issues stem from external sources.  Certainly anyone who has watched the news lately and seen companies targeted for their credit card information would agree.  TV and Movies are other great sources of incredibly entertaining (and impossible) attacks against all sorts of companies and facilities. While … Continued

Network Auditing vs NSA Surveillance

Last December, Microsoft published an article on its official blog detailing steps the company planned to take to protect its customers’ data from government snooping. Written by Brad Smith, general counsel and executive vice president for Microsoft Legal & Corporate Affairs, the article promised additional encryption of data in transit and at rest, reinforced legal … Continued

HIPAA Settlements: The Largest One Could Have Been Prevented

The Health Insurance Portability and Accountability Act (HIPAA) has been around since 1996; that’s 18 years. Cyber criminals and data breaches continue to flourish, with headline cases breaking every couple of months. Yet too many organizations still fail at implementing the necessary level of network security and policy oversight to ensure that sensitive data is … Continued

Epic Fail: The Need for System Documentation

It’s not easy for me to admit failure! But anytime it can help someone learn a lesson, I’m more than willing to air my dirty laundry. I haven’t always been in IT. Many of you who have followed me on Spiceworks know that once upon a time I was a police officer. The biggest lesson I … Continued