Ten Simple Ways to Prevent Security Breaches in Microsoft Exchange 2010

Exchange data is the heart of any enterprise and is considered to be a critical business application, because it is used for record keeping and as a low-cost communication solution. Today, e-mails are not just accessible from the workstation within the corporate network; they can also be accessed from remote computers or mobile devices. This … Continued

Can SIEM Solutions Be Effectively Used for Change Auditing?

This should be no revelation to IT professionals: you have to regularly monitor changes occurring in your network – and mainly for two reasons. The first one is this: continuous monitoring will take pain off meeting compliance requirements and surviving auditor’s visits. The second reason to implement a solution that keeps track of the changes … Continued

Unauthorized Software Installation on Windows Server – Who? What? When?

Suspicious software on your Windows Server may be the result of an unauthorized installation by your own employee or originate from a hackers’ attack. Any suspicious software can potentially cause leakage of sensitive data, not to mention server performance slowdown or infringement of compliance policies. That is why it is vital to be aware of … Continued

Shellshock Survival Guide

In the past few months you might have heard news of cyber-attacks resulting in security breaches almost on a daily basis. HIPAA and PCI compliance violations, hacker intrusions and internal negligence were the top reasons for that. Probably, the most violent and massive of recent breaches was the Shellshock (Bashdoor) vulnerability. It has hit most … Continued

Cost of Cybercrime Rising While IT Security Spending is Down

Are we all getting a little weary of stories about major data breaches at giant retailers or health care providers? A new survey released at the end of September sheds some interesting light on the state of information security. Considering the ever-growing threat of cybercrime, some of the findings in the survey are perhaps surprising, … Continued

Shellshock Demands a Managed Response

Shellshock is the latest and possibly most significant IT security vulnerability identified by researchers. I imagine that by now most IT pros have heard of this threat. In a year of unprecedented security events, some may be “tuning out” security. If ever there was an IT vulnerability to not minimize, it’s Shellshock. Heartbleed, a massive … Continued

Understanding the Mailbox Move Request in Exchange 2010

Mailbox Move Request is the process of moving a mailbox from its source mailbox database to a target mailbox database. Target mailbox database can be either on the same server or on a different server or even in a different domain/forest.  Mailboxes are moved for various reasons like transitioning to the new environment or investigating … Continued

How to Detect SharePoint Permission Changes

As the amount of critical data stored on SharePoint increases, securing it becomes one of organization’s top priorities. Excessive SharePoint permissions may not only allow users to get access to sensitive data but also to copy, modify, delete and distribute confidential files. Timely detection of SharePoint permission changes is extremely important for security assurance. This … Continued

Exploring Exchange 2010 Role Requirements Calculator – DAG Scripts

Microsoft Exchange 2010 Role Requirements Calculator is de facto a tool to calculate and design Exchange 2010 solution for the production environment. It’s a Microsoft best practice tool created using Excel application for easy usage and distribution, and it can be downloaded from Microsoft TechNet Gallery. Administrator has to key in all the necessary design … Continued

5 Reasons to Reassess Your IT Security Strategy

If you’ve been in the IT field for a while, you know that one thing you can depend on is that you can’t depend on anything to stay the same. Technology is always advancing, trends are always changing, and you’re often left scrambling to keep up. Nowhere is this more true than in the security … Continued

IT Is Spicing It up with Software Defined Solutions

Last week I was able to attend the SpiceWorld event sponsored by Spiceworks in Austin TX, a fantastic event held in the heart of TX. This was my first time at the event that is focused on the IT professional that is in the trenches day to day. I must say I was very impressed … Continued

Live Webinar: Ensuring Your IT Policies Actually Work with Change and Access Auditing

Most organizations have some formally defined IT policies to govern the infrastructure and mitigate possible security risks. While such policies usually define roles and provide guidance for users, administrators and management, there is a catch. On Wednesday, October 15 at 2:00 PM EDT join MVP Jason Helmick from Concentrated Technology and Ilia Sotnikov from Netwrix … Continued