Tag: Change audit

Various researches reveal that a staggering 80% of reported breaches involve exploiting vulnerabilities in the configurations of IT systems. To proactively block attacks and thereby prevent costly downtime and data breaches, experts recommend implementing a server hardening policy, which is a...

If you are using a wireless keyboard or mouse on your computer, beware of the risk of getting mousejacked. Using this technique, attackers could take over your entire Active Directory in just minutes using a $15 USB radio device that discovers vulnerable devices. In this podcast, Brian Johnson,...

Continuously auditing the activity in your network is one of the most critical security best practices, since it helps you notice potentially malicious activity early enough to take action and prevent data breaches, system downtime and compliance failures. Top methods of Windows auditing...

SIEM is a complex solution that requires thorough maintenance and support, which often skyrockets SIEM expenses. The need to hire and train more SIEM analysts is named as the main factor that significantly influences the total cost of SIEM ownership. It earned the highest score (4.8) in the rating...

Significant security threats emerged in 2014. Closing out this epic year with a bang is Destover, aka Wiper. Wiper, as far as security threats go, is significant. Significant enough that the FBI quietly sent a memo to businesses and government agencies advising vigilance against Wiper based...

Accidental or malicious changes to Organizational Units (OU) and groups in Active Directory almost inevitably lead to trouble for IT departments. Here are some of the most common examples: if an OU that contains “User Accounts” is deleted, users will not be able to log in or experience...

This should be no revelation to IT professionals: you have to regularly monitor changes occurring in your network – and mainly for two reasons. The first one is this: continuous monitoring will take pain off meeting compliance requirements and surviving auditor’s visits. The second reason to...

As IT professionals, it’s our responsibility to do everything within our power to protect our organizations from IT security threats. Unfortunately, all too often I hear fellow IT pros express an almost universal confidence in endpoint protection as the be-all, end-all to combating these threats....

You just got the call: your Exchange server is not sending or receiving email. Your one and only Exchange server. OK, this is bad. You drop everything and begin to check the Exchange server for problems. It is up? Yes. Are the needed services running? Yes. Does it have enough disk space?...

When it comes to change management, Scott Matteson gets it.  Too many companies today make changes without any kind of change management in place. Scott's approach even includes the mandated use of individual accounts to perform changes so that Auditing of system changes can easily be tied back to...