To help increase their cybersecurity posture and successfully meet compliance regulations, organizations must consult the latest guidance regarding security and privacy controls for securing business-critical data. The National Institute of Standards and Technology (NIST) is a respected authority for... Read More
Blog
Categories
How to make your password policy NCSC compliant
The National Cyber Security Centre (NCSC), formerly known as the CESG, introduced new Cyber Essentials password recommendations to combat the swell of data breaches. What was once perceived as a best practice, such as password complexity, is now considered... Read More
Password Managers with AD Integration: What to Look For
Organizations looking to manage passwords beyond the Active Directory password might choose to do so with an enterprise password manager. Organizations that run on Active Directory will have an AD integration at the top of their shopping list. So,... Read More
Celebrate World Password Day with a password audit
May 5, 2022 marks the ninth anniversary of World Password Day, an event created by Intel to raise awareness about the importance of strong passwords. For more than 60 years we have relied on passwords to secure our personal... Read More
Virginia Consumer Data Protection Act
The Virginia Consumer Data Protection Act (VCDPA) was recently signed, making it the second state that has signed a consumer privacy regulation into law. This legislation follows what was implemented in California by way of the California Consumer Privacy... Read More
NIST MFA guidelines
End-user passwords are often the weakest link in IT security, providing the path of least resistance for an attacker looking to penetrate business systems. Users commonly choose easy to remember, and consequently, easy to compromise passwords. In IBM’s Cost... Read More
2022-2023 NIST 800-63b Password Guidelines and Best Practices
The most basic form of authentication is the password. Despite many advancements in cybersecurity, the username and password, although outdated, are still used as the most common form of authentication today. Enterprise environments have long used password policies to... Read More
Comprehensive list of international industry-specific Password Policies
Using a password policy is an important part in enhancing your organization’s password security. Cyberattacks continue to explode around the world with a variety of techniques to compromise corporate passwords. To defend against these attacks, organizations employ password policies... Read More
Forcing a password reset? This new Password Auditor report can help
Today, Specops Software released the latest version of Specops Password Auditor, introducing a new report that will make the lives of IT admins looking to force a password reset a little easier. This release comes in response to last... Read More
Active Directory reversible encryption explained
If you have administered password policies in Active Directory or looked at the local policies present in the Windows client operating system, you may have noticed an interesting setting contained in the Account policies section. The setting is Store... Read More