IT Security News & Blog

Today we heard some news which had passed relatively quietly through the usual media outlets, despite it being highly embarrassing for the cloud-based managed file transfer vendor WeTransfer....

How do you deploy your Windows Server images? If you are anything like the majority of IT teams out there, you download the latest ISO from the Microsoft website, maybe even use one you have downloaded in the past. Then post install you spend a couple of hours applying all the patches which have been released since....

That's right, not GDPR or PCI DSS, like most other blogs and articles you might be reading online...but ITAR. The International Traffic in Arms Regulation, which governs the trade and export of defense materials and services in the US....

After eight years of working with managed file transfer solutions (MFT), there is one use case which pops up time and time again....

The GDPR (General Data Protection Regulation) is a difficult beast, with some estimates as low as 15% for the number of organisations who considered themselves GDPR ready by May 25th 2018. Not a surprise then considering the debacle that was re-consent email deluge and the "we have changed our privacy policy" communications that flooded everyone's inbox....

It may be obvious to some that FTP (File Transfer Protocol) is an insecure protocol; and that its continued use for transferring sensitive or personal is inappropriate. Yet, its use for that very purpose still continues according to Rapid7, creating an unnecessary risk....

Do you send sensitive documents and files using regular email? Could you do more to protect those documents and files to ensure their confidentiality? These are just two of the more obvious questions which many an IT administrator and security officer are now asking their organisations, as the world and it's regulators become more focussed and stringent on data protection....

Now that the General Data Protection Regulation (GDPR) is live and enforced, the focus has shifted from how to comply with how to maintain the controls and processes which have been implemented. While this may just seem like a continuation of what has been achieved already, it is in actual fact a moment to improve. Those processes and changes which were rushed or not properly embedded into day-to-day operations will now need to be cultivated amongst staff for the long haul....

Is the board listening? We all know that GDPR will be enforced from 25th May 2018, but is your board aware of their new privacy obligations? While there is substantial GDPR coverage in the technical press, has the message got through to senior management?  Are their preparations adequate?...

As of May 2018, payment merchants and other credit card handling organisations will need to have familiarised themselves and have implemented the latest iteration of the PCI-DSS (Payment Card Industry - Data Security Standard). Version 3.2.1 expands on what is already a comprehensive and well-known standard by adapting to the rapidly changing climate of data protection, privacy and vulnerability management....

FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes....

The GDPR (General Data Protection Regulation) has for some, fundamentally changed the way that businesses operate, with regard to the collection, processing and transferring of personal data. What is often referred to as the world's most forward-thinking data protection regulation, has forced data controllers to ensure basic levels of security are in-place in order to reduce the risk of loss, disclosure, unauthorised processing, deletion or manipulation....

Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge....

For some, a FIM (File Integrity Monitoring) solution is a compliance necessity, for others it features as a core component of their change management process. In either case, file integrity monitoring provides a mechanism for alerting when applications, system files or configurations change unexpectedly....

Irrespective of which industry your organisation belongs to, facilitating collaboration and the sharing of files and documents among your employees, customers and business partners is a key requirement for increasing your revenue generation potential. Effective collaboration with employees, customers and business partners means that at some point, files and documents will need to leave the security and boundary of your organisation....

IT solutions provider Systematic have chosen Ipswitch MOVEit Transfer as their MFT (Managed File Transfer) solution, describing the offering as "ticking all the boxes" after evaluating other competing solutions against GDPR and ITAR requirements.....