Tag: Information security

Organizations often create multiple IT policies for a variety of needs: disaster recovery, data classification, data privacy, risk assessment, risk management and so on. These documents are often interconnected and provide a framework for the company to set values to guide decision-making and...

In this blog post, we will explain the principle of least privilege (POLP), provide the definition and use cases, and explain the importance of the principle. Like many other security principles and concepts, this principle is one part of a larger security strategy that aims at mitigating the risk...

What is the CIA triad? Information security revolves around the three key principles:  confidentiality, integrity and availability (CIA). Depending upon the environment, application, context or use case, one of these principles might be more important than the others. For example, for a financial...

IT security vendors often promote tempting cutting-edge technologies that claim to solve most of your cybersecurity issues. It is easy to get sucked in by buzzwords like UEBA (user and entity behavior analytics), AI (artificial intelligence), machine learning and advanced analytics, but a deeper...

Today, nearly every organization relies on stable and secure IT operations, so cyber risks merit the same careful attention as other types of risks. Top leaders understand this: The World Economic Forum’s 2018 Global Risk Report claims that most influential movers and shakers view cyber attacks...

With attacks getting increasingly frequent and sophisticated, the traditional approach to shielding your IT ecosystem is no longer working. You can’t simply tie hands of “bad guys” and give full privileges to “good guys” because you can’t know which users you can actually trust. For...

Windows Information Protection (WIP) provides organizations with a set of features to support a Mobile Device Management (MDM) system and enable separation of corporate and personal data to prevent leaks. In this article, I'll explain how WIP works. Why Use WIP? As corporate data becomes...

Infosecurity Europe 2016, Europe’s number one information security event, took place in London, 7–9 June 2016. Cybercrimes, ransomware, and insider threat detection were this year’s hot topics. Netwrix experts ran a few speaking sessions at the Cyber Innovation Showcase segment that...

Security information and event management (SIEM) is a major priority for large companies. It’s a reporting process that provides a holistic view of the health of an organization’s IT security as well as important details for various kinds of compliance regulations, including GLBA, PCI, FISMA,...

While it was a common concern for computing people to implement security measures within their information assets, there has to be a “de facto”, meaning, the standards which focuses on the minimum solutions that addresses information security concerns on an industry or on a regulatory...