Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More
Compliance
Categories
Pipeline Cybersecurity Initiative best practices
There is no question that ransomware attacks are on the rise. They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More
What is the NCSC guidance on password managers?
To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts. Remembering multiple strong passwords for perhaps dozens of... Read More
How to configure the NCSC password list in AD
Passwords are one of the weakest links when it comes to ensuring that your environment is secure. Traditional user accounts and the associated passwords have long been the default security mechanism found in most environments. With the very advanced... Read More
CJIS Password Policy Requirements
The Criminal Justice Information Services Division (CJIS) is a division of the FBI that provides a number of tools and services to law enforcement agencies around the country. Through systems like the National Crime Information Center (NCIC), Integrated Automated... Read More
Guide to NCSC’s Cyber Essentials password policy compliance
Passwords play an important role in the Cyber Essentials scheme. If you are planning for Cyber Essentials accreditation, you will need to make sure your password policy is up to the challenge. Read More
Specops uReset and GDPR compliance
With the introduction of Specops uReset (version 8.1 or later) in the Microsoft EU data center, organizations can now choose which instance of Specops uReset they want to use. Specops uReset is a hybrid password reset solution. The cloud... Read More
How do I create HITRUST compliant password policies?
The HITRUST CSF clarifies guidelines on security standards for the healthcare industry with specific feature recommendations where the password management system is concerned. Read More
How and why the NHS should transform password policy for greater security
The password policy guidance from the NHS doesn't stand a chance against today's attacks. With a single breach opening the door to other systems, the NHS needs to stop users from using vulnerable passwords. Read More
What breach disclosure requirements mean for your organization
Following a data breach incident, organizations following compliance standards, such as HIPAA, need to follow certain data breach notification requirements. This post will summarize some of these requirements, as well as regional-specific disclosure responsibilities. For the purposes of this... Read More