Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

How Much Does It Cost to Become PCI Compliant?

How much does it cost to become compliant with the Payment Card Industry Data Security Standard (PCI DSS)? It is challenging to put a number or an actual figure of becoming PCI compliant. The reason exact dollar amounts become a problem to predict is it depends on the size of the organization, whether they are eligible for the PCI Self Assessment Questionnaire (PCI SAQ), and the way they handle and store customer information.

The Policy Expert: Network Security: Restrict NTLM: Audit Incoming NTLM Traffic

NTLM is Microsoft’s old mythological authentication protocol. Although new and better authentication protocol has already been developed, NTLM is still very much in use. NTLM protocol has proven to have many flaws that result in potential vulnerabilities. One caution measure that can be taken is auditing and logging any NTLM traffic events.

The Policy Expert: RDS: Do Not Allow Clipboard Redirection

Specifies whether to prevent the sharing of clipboard contents (clipboard redirection) between a remote computer and a client computer during a Remote Desktop Services session. By default, Remote Desktop Services allows clipboard redirection. If the status is set to Enabled, users cannot redirect clipboard data.

The Policy Expert: RDS: Authentication for remote connections by using Network Level Authentication

This policy setting allows you to specify whether to require user authentication for remote connections to the RD Session Host server by using Network Level Authentication (NLA). This policy setting enhances security by requiring that user authentication occur earlier in the remote connection process. If you enable this policy setting, only client computers that support Network Level Authentication can connect to the RD Session Host server.

The Policy Expert: Lan Manager Authentication Level

LAN Manager (LM) is a family of early Microsoft client/server software that allows users to link personal computers together on a single network. Network capabilities include transparent file and print sharing, user security features, and network administration tools. In Active Directory if the Kerberos protocol is not negotiated for some reason, Active Directory will use LM, NTLM, or NTLMv2.

The Policy Expert: Do Not Allow Supported Plug and Play Device Redirection

This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services session. By default, Remote Desktop Services allows redirection of supported Plug and Play devices.

The Policy Expert: MMS: IP Source Routing Protection Level

IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. An attacker could use source routed packets to obscure their identity and location. Source routing allows a computer that sends a packet to specify the route that the packet takes.

The Policy Expert: Maximum Security Log Size

Maximum log size should be set to any kind of event logs, as part of your security policy. This configuration’s value is highly important for detecting attacks and investigating their source. Allocating insufficient storage space will lead to information loss of what happened in the network, therefore breaches could remain undetected.

Why is End-Point Security Important?

Aiming to provide security for end-point users, end-point security is one of the most discussed components of data protection and cyber security. In this article, we will discuss what end-point security is and why it is important for your business. What is an end-point? An end-point refers to a distant device which has back and forth communication with a specific network. Such devices include desktops and laptops, mobile devices like smartphones and tablets, work stations and servers.