Phone: 1300 410 900

Tag: Information Security

Categories

CASE STUDY – OFFICE 365 BREACH
  • #case study
  • #cyber attack
  • #cyberattack
  • #Information Security
  • #Office 365

CASE STUDY – OFFICE 365 BREACH

Published on April 14th, 2020 12:22PM by Christopher McNaughton

CASE STUDY  (5 Min read)  The following case study details a case where SECMON1 was engaged to conduct a security review of an organisation’s O365 environment. The organisation had received some information from clients which caused them to suspect they had been breached. It was clear from the outset that a breach had occurred.  A […]
Office 365 Under Increased Attack
  • #Information Security
  • #Office 365

Office 365 Under Increased Attack

Published on April 7th, 2020 04:28PM by Christopher McNaughton

The recent increase in employees working remotely, combined with the migration to platforms such as Microsoft Office 365, has seen a dramatic increase in security incidents. The main reasons for these are typically poor implementations and lack of visibility of activity. Microsoft Office 365 is highly targeted due to its wide popularity and the often […]
Application Patching – Information Security Essentials
  • #application patching
  • #Information Security
  • #patching

Application Patching – Information Security Essentials

Published on April 1st, 2020 07:21PM by Christopher McNaughton

Application Patching Application patching refers to applying updates to software applications. It is absolutely critical for ensuring system security and must be done as soon as practicable.  Time is key with patching: it is ideal to apply patches within 48 hours of release from the relevant software provider or vendor.  When installing new applications, always […]
Configuring Macro Settings – Information Security Essentials
  • #Information Security
  • #macro
  • #macro settings

Configuring Macro Settings – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Configuring Macro Settings Disabling or limiting Microsoft Office macros can aid in preventing malicious code from entering your organisation’s network. Compromised macros can often evade basic email content filtering and application whitelisting. While macros can greatly improve productivity, they can also make your systems vulnerable, especially if they are out-of-date or downloaded from the Internet. […]
Application Whitelisting – Information Security Essentials
  • #Application Whitelisting
  • #Information Security

Application Whitelisting – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Application Whitelisting Application Whitelisting is a means to limit the number of programs running in your business environment that can potentially pose a danger to the security of your data.  It restricts users from installing and accessing applications on their computer or electronic device other than those explicitly allowed by your company. In the SECMON1 […]
Multi Factor Authentication – Information Security Essentials
  • #Information Security
  • #mfa
  • #multi factor authentication

Multi Factor Authentication – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

Multi Factor Authentication Multi-Factor Authentication requires end users to provide multiple methods of identification to confirm their identity in order to gain access to corporate resources and applications, as well as perform online transactions. By requiring an additional factor beyond a simple password, multi-factor authentication technology makes it far more difficult to exploit the login […]
User Application Hardening – Information Security Essentials
  • #application hardening
  • #Information Security
  • #user application hardening

User Application Hardening – Information Security Essentials

Published on April 1st, 2020 07:20PM by Christopher McNaughton

User Application Hardening While useful for many business operations, applications like Flash, Java, Adobe Acrobat and certain features in Microsoft Office (e.g. OLE), can allow malware or intruders to enter your network. Disabling these applications and blocking online ads can remove any opportunity for adversaries to exploit these potentially disruptive tools. If your organisation uses […]
Restricting Administrator Privileges – Information Security Essentials
  • #admin priveleges
  • #Information Security
  • #local admin
  • #local administrator

Restricting Administrator Privileges – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Restricting Administrator Privileges Restricting administrative privileges makes it difficult for to spread malware and malicious code inside your network. In terms of access to your valuable business data, administrative accounts are the keys to the kingdom. If malicious code is activated using an administrative account, it can elevate its privileges, spread to other hosts, avoid […]
Operating System Patching – Information Security Essentials
  • #Information Security
  • #operating system
  • #os patching
  • #patching

Operating System Patching – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Operating System Patching Operating System (OS) patching refers to applying updates to operating systems. It is absolutely critical for ensuring system security. Time is of the essence in patching. It is ideal to apply patches within 48 hours of release.  In the SECMON1 blog post ‘Security Overview – Information Security Essentials’ , we spoke about […]
Disabling Local Administrator Accounts – Information Security Essentials
  • #Information Security
  • #local admin
  • #local administrator

Disabling Local Administrator Accounts – Information Security Essentials

Published on April 1st, 2020 07:19PM by Christopher McNaughton

Disabling Local Administrator Accounts The Administrator account (NT AUTHORITYAdministrator) exists by default on all Microsoft Windows (Windows NT-based) systems and Active Directory domains. It is typically used as a setup and disaster recovery account. If you must use the local administrator account, only use it during setup and to join the machine to the domain. […]
1 2 3 ... 8