The stakes are high when it comes to cybersecurity in the financial sector. Financial organizations house a lot of sensitive customer data, including login credentials, personally identifiable information (PII), and banking details. The New York State Department of Financial...
HIPAA password requirements: Best practices for compliance
The digital transformation of healthcare has brought plenty of benefits, but it’s also introduced new challenges in protecting patient information. The Health Insurance Portability and Accountability Act (HIPAA) plays a critical role in ensuring that medical data remains secure....
Navigating HIPAA cybersecurity requirements: A guide for healthcare providers
Healthcare data is a prime target for hackers. It often includes personal identifying information (PII), medical records, insurance details, and financial information, which can be used for identity theft, insurance fraud, and other malicious activities. The high value of...
How to build a PCI-compliant password policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant...
NIS2, passwords, and MFA: Everything you need to know
MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the...
Securing authentication tokens by preventing delegation of admin accounts
The underlying capabilities provided by Kerberos authentication in Active Directory mean that access tokens can be delegated to users and computers for various purposes. Attackers can capitalize on the built-in capabilities of Active Directory with impersonation and delegation to...
[New Data] Attackers Are Using These Passwords to Attack the RDP Port Right Now
The Specops Breached Password Protection List Tops 3 Billion Unique Compromised Passwords from Live Attack Data and Leaked Lists. Today, the Specops Software research team is sharing the results of our analysis on what passwords are being used to...
Service account password rotation
Service accounts are the unseen heroes of your organization’s architecture – they keep critical services running. While most organizations are generally aware of the sensitive nature of service accounts, password practices can still be poor. It is not uncommon...
New Compliance Standards & More: See What’s New in Specops Password Auditor
Today, we’ve released the latest Specops Password Auditor — a read-only program that can help IT admins identify password vulnerabilities including number of accounts with compromised passwords and more. In this release, we’ve introduced a big update to our...
Ransomware attacks continue to rage on government entities
Ransomware attacks are on the rise and target businesses across many industries and sectors. Government entities are also on the radar of ransomware gangs and have been the subject of many high-profile ransomware attacks. Governmental entities have been a...