You know how security experts keep telling you not to use the same password on multiple accounts? Yup, there’s a good reason for that. It’s called credential stuffing. It’s a type of cyberattack that affects the security of millions of people. As bad as that might sound, there are ways ... Read More

Extending the Benefits of the Principle of Least Privilege If you’ve ever had a job where certain information was dispersed on a need-to-know basis (and who hasn’t), then you can relate to the principle of least privilege (PoLP). In a broad sense, it’s about restricting access to sensitive data. Only ... Read More

Active Directory Security Vulnerabilities: the role of PAWs in a Strong AD Defense Microsoft Active Directory (AD) provides directory services for organizations that use Windows Server. Based on the Lightweight Directory Access Protocol (LDAP), AD provides a range of directory functions, including centralized domain management and Identity and Access Management ... Read More

Let’s stipulate up front that there are certain situations where Virtual Desktop Infrastructure (VDI) and Desktop-as-a-Service (DaaS) are viable and even a wise choice. That said, if you make the move to VDI with an expectation that the technology will save you money, it’s not going to end well. VDI ... Read More

Network segmentation is a common and effective cybersecurity countermeasure. As attacks get more sophisticated, however, security tactics need to advance in parallel. For example, endpoints (laptops, desktops and workstations) are often considered among the “weakest links” in a cybersecurity strategy. They are thus the prime targets for network penetration attacks ... Read More