logo
June 25, 2020 | Mike Tierney

IT Security Audits: The Key to Success

An IT security audit is a comprehensive examination and assessment of your enterprise’s information security system. Conducting regular audits can help you identify weak spots and vulnerabilities in your IT infrastructure, verify your security controls, ensure regulatory compliance, and...
September 30, 2019 | Brian Johnson

Top 3 Audit Challenges and How to Overcome Them

No matter what role you play in the audit process, the experience can be painful. If you’re an external consultant, you have to work with clients who have limited budgets and high expectations. And if you’re an internal IT/security auditor, you might have to wade through a sea of internal...
April 2, 2019 | Matt Middleton-Leal

NIST SP 800-171: What the Requirements Are and How to Be Compliant

The deadline for Department of Defense (DoD) contractors to implement the requirements of NIST Special Publication 800-171 was 31 December 2017, according to the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012. Companies that failed to do so are in a tough situation: They...
March 27, 2019 | Sarah Greesonbach

Plan Effective SIEM First, Compliance Second

Security information and event management (SIEM) is a major priority for large companies. It’s a reporting process that provides a holistic view of the health of an organization’s IT security as well as important details for various kinds of compliance regulations, including GLBA, PCI, FISMA,...
February 25, 2019 | Jeff Melnick

How to Detect Who Deleted a Group Policy Object

Group Policy Objects (GPOs) can provide configurations for access to shared resources and devices, enable critical functionalities or establish secure environments. If some of the GPOs are deleted, users may not be able to access the Internet, modify their data, use peripherals or even log in to...
March 27, 2019 | Alex Vovk

Cryptolocker: When Antivirus Cannot Help

There is currently much talk about Cryptolocker and other kinds of ransomware. Cryptolocker is such kind of malicious program that, once it is active, starts encrypting files it can access on a local system or on network shares and then threatens to hold your data hostage until you pay. Users...
February 25, 2019 | Michael Fimin

Top Five Hottest Trends at RSA 2016 Conference

The 25th 2016 RSA Conference, held in San Francisco, CA, has brought together the record number of attendees from all over the world to discuss major IT industry trends and upcoming challenges. For the past years, RSA Conference has been raising different hot topics, from unstructured data...
March 27, 2019 | Jeff Melnick

How to Detect Who Disabled a User Account in Active Directory

Users whose accounts have been disabled, either accidentally or maliciously, are unable to log into IT systems using Windows authentication. Those who are already logged in might experience problems accessing email, files, SharePoint, etc. By native auditing you should go through 6 steps listed...
March 27, 2019 | Michael Fimin

IT Auditing Challenges for IT Managers

IT auditing is all about knowing what was changed in your IT infrastructure, who changed it, when and where. This information is vital and should be an integral and ongoing part of any security strategy. Yet, a  Netwrix survey of some 600 IT professionals revealed that 57% of respondents have made...
October 29, 2019 | Nick Cavalancia

Peeling the Onion: How to Survive an IT Audit

We continue the series of articles by Nick Cavalancia on our blog. The previous post was dedicated to Event Logging, today we are going to talk about general approach to IT Audit. An IT Audit is, generally speaking, a reactive activity. Some compelling event occurs - a security breach, a...
Show more articles
...