Tag: IT audit

An IT security audit is a comprehensive examination and assessment of your enterprise’s information security system. Conducting regular audits can help you identify weak spots and vulnerabilities in your IT infrastructure, verify your security controls, ensure regulatory compliance, and...

No matter what role you play in the audit process, the experience can be painful. If you’re an external consultant, you have to work with clients who have limited budgets and high expectations. And if you’re an internal IT/security auditor, you might have to wade through a sea of internal...

Group Policy Objects (GPOs) can provide configurations for access to shared resources and devices, enable critical functionalities or establish secure environments. If some of the GPOs are deleted, users may not be able to access the Internet, modify their data, use peripherals or even log in to...

There is currently much talk about Cryptolocker and other kinds of ransomware. Cryptolocker is such kind of malicious program that, once it is active, starts encrypting files it can access on a local system or on network shares and then threatens to hold your data hostage until you pay. Users...

The 25th 2016 RSA Conference, held in San Francisco, CA, has brought together the record number of attendees from all over the world to discuss major IT industry trends and upcoming challenges. For the past years, RSA Conference has been raising different hot topics, from unstructured data...

We continue the series of articles by Nick Cavalancia on our blog. The previous post was dedicated to Event Logging, today we are going to talk about general approach to IT Audit. An IT Audit is, generally speaking, a reactive activity. Some compelling event occurs - a security breach, a...

We continue the “Deep Dive” series. In it you might find the answers to some of your technical questions. The industry experts will provide their insights on several topics and research some new features of most popular applications. The first article of the series can be found here. Also,...

This big old globe of ours keeps rolling around the sun, and as we turn the corner into a brand new year, it’s a good time to take stock and plan for a better, more secure future. In the IT world, that means reviewing your systems and infrastructure to ensure everything is running effectively and...

Microsoft DNS (Domain Name Service) is the service for all computer name resolution for both the Internet and also for Microsoft’s Active Directory. Every web browser request, every Active Directory logon, every email that is routed touches DNS somehow. Within DNS every computer or web site is...

I recently stumbled upon this post in Spiceworks community that talks about someone's upcoming audit with BDO (a major international audit firm - not from Big 3, but still pretty large). Thanks to this Spicehead (this is how they call members of Spiceworks) we have their real findings and...