For its average user, over a 100 million of them, O365 equals seamless access to corporate data, and a ton of apps. For the IT administrator, it is a bigger attack surface, added complexities, and of course, a few... Read More
Specops Software Blog
How to create a fine-grained password policy in AD
For the first eight years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Windows Server 2008 arrived on the scene, Microsoft introduced the concept of... Read More
O365 attacks continue exploiting your weakest link
With more than 120 million active users, Office (O365) is a frontrunner in the cloud service popularity contest. Consequently, its users are equally popular with hackers. For IT pros, storing data in the cloud means a bigger attack surface,... Read More
Security questions – authenticating with your worst kept secrets
Knowledge based authentication (KBA) is a form of identity verification that asks users to answer a “secret” to prove their identity before accessing a system. Passwords and security questions are the most common forms of KBA. Their familiarity means... Read More
Press Release: Specops enables organizations to comply with password requirements from NIST and NCSC
Specops Software announced today the release of Specops Password Policy 6.7, which provides customers with a compromised password list to comply with requirements from the National Institute of Standards and Technology (NIST) and National Centre of Cyber Security (NCSC).... Read More
How things work: Group Policy Caching
The release of Windows 8.1 and Server 2012 R2 introduced a new Group Policy concept called Group Policy Caching. Its purpose is to reduce the time it takes to perform certain scenarios for synchronous foreground Group Policy refresh. Here’s... Read More
Specops Software Appoints New CTO and Expands Development Team
Stockholm, Sweden – February 22, 2018. Specops Software announced today the appointment of Lori Österholm as Chief Technology Officer. The company also announced today the further expansion of the development team in the European and North American operations. Former... Read More
Knowledge Based Authentication fails to deliver
Knowledge based authentication (KBA) has long been used as the backup verification method when someone has forgotten their password. But even if it is regularly in use, it fails to deliver on the identity verification promise. Static and dynamic... Read More
What breach disclosure requirements mean for your organization
Following a data breach incident, organizations following compliance standards, such as HIPAA, need to follow certain data breach notification requirements. This post will summarize some of these requirements, as well as regional-specific disclosure responsibilities. For the purposes of this... Read More
New MFA requirements for PCI password compliance
The Payment Card Industry Data Security Standard (PCI DSS) regulates security practices to protect cardholder data. Password compliance plays an important role in the PCI standards by dictating password complexity to strengthen defense against unauthorized access. New requirements coming... Read More