Ransomware attacks are on the rise and target businesses across many industries and sectors. Government entities are also on the radar of ransomware gangs and have been the subject of many high-profile ransomware attacks. Governmental entities have been a... Read More
Compliance
Categories
Active Directory and domain controller security best practices
Windows Servers in the environment housing the Active Directory Domain Services (AD DS) role are some of the most sought-after targets for attackers today. It is because Active Directory contains the credential store for all the user and computer... Read More
Ransomware attack types: Ransomware Attacks 101 – from Wannacry to Darkside
Think of ransomware attacks as virtual kidnapping. Ransomware actors use encryption to hold your devices’ functions and files hostage or lock you out of your system. Then they request a ransom for its release. These actors are mostly motivated... Read More
Family Educational Rights and Privacy Act (FERPA) | Cybersecurity guide
Most have heard of HIPAA, GPDR, and other compliance regulations and best practices that govern data privacy and security for healthcare, personally identifiable information, and other forms of sensitive data. However, when it comes to educational institutions, the Family... Read More
Vulnerability testing vs. Penetration testing
With the wide range of growing cybersecurity threats creating risks for businesses today, organizations must be proactive in their approach to cybersecurity. The days of reactive security and waiting for cybersecurity incidents are over. The sheer scope, scale, and... Read More
Ransomware Prevention Best Practices
A thriving industry of holding data hostage has emerged out of the malicious software known as ransomware. The FBI’s Internet Crime Complaint Center (IC3) states in its Internet Crime Report for 2020 that it received a record number of... Read More
Passwordless realities of Entra ID (formerly Azure AD) Temporary Access Pass
One of the new movements in authentication technology is called passwordless authentication. With passwordless authentication, end-users can use other means to sign in aside from the traditional password. Microsoft’s Temporary Access Pass for Microsoft Entra ID (formerly Azure Active... Read More
Is your SSO login protected enough?
Today, many organizations use more systems than ever, spanning on-premises and cloud environments. As a result, employees are tasked with remembering more and more passwords as the number of systems and services continues to grow. Single Sign-On (SSO) is... Read More
Government of Canada password policy and best practices
Governments worldwide document specific guidance related to cybersecurity and define best practices related to protecting business-critical resources from attack. The Government of Canada (GC) provides detailed password guidance best practices to keep passwords from being compromised. In this review... Read More
Compliance Falls Short: New Research Shows Up to 83% of Known Compromised Passwords Would Satisfy Regulatory Requirements
Organizations of all kinds look to regulatory recommendations and standards for guidance on how to best construct a secure password policy for their networks. However, new research shows regulatory password complexity and construction recommendations are not enough. Today, the... Read More