Compliance

music notes and password security

Defending Your Network from RockYou2021 

In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt.   Media and Twitter alike were abuzz with what to... Read More

laptop with login screen

Microsoft password expiration recommendation

Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More

masked password credential attacker

Pipeline Cybersecurity Initiative best practices

There is no question that ransomware attacks are on the rise.  They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More

finger on scale

Service account security best practices

There are number of privileges and roles granted to Windows users. However, it’s often necessary to restrict roles to specialized accounts called service accounts. These Active Directory (AD) accounts have deeper access to OS infrastructure, making them both handier and higher-priority... Read More

password length on screen

What is the NCSC guidance on password managers?

To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts.   Remembering multiple strong passwords for perhaps dozens of... Read More

PCI compliance requirements in the UK

In 2018, criminals successfully stole £1.2 billion through fraud and scams. Now more than ever, businesses that processes cardholder data look to the Payment Card Industry Data Security Standard (PCI DSS) for security recommendations. PCI DSS is a set... Read More

NIST password standards

NIST Password Standards

The National Institute of Standards and Technology (NIST) sets the information security standards for federal agencies. Through its Special Publication (SP) 800-series, NIST helps organizations meet regulatory compliance requirements such as HIPAA, and SOX. The recent update to the... Read More

Specops uReset and GDPR compliance

With the introduction of Specops uReset (version 8.1 or later) in the Microsoft EU data center, organizations can now choose which instance of Specops uReset they want to use. Specops uReset is a hybrid password reset solution. The cloud... Read More