What is Identity as a Service ?

Businesses are increasingly faced with the need to move to the cloud because many factors including cost, features and vendor requirements. Yet data security is continually cited as a major concern with the potential to prevent them from moving to the cloud. Still Software vendors therefore have continued to transition functions, features and data into the cloud. This has contributed to the widespread use of cloud based mobile and desktop applications. It is out of this transition that identity management as a service has emerged. Identity as a service is an authentication infrastructure that is kept in the cloud and offers all the benefits of the cloud. The most common among these benefits are: easier management, reduced on-site infrastructure and a broader range of options for integration. Identity as a Service (IDaaS) is typically built, hosted and managed by third-party service providers. This authentication…

Mobile Device Management

The Changing Fortunes of Mobile Device Management Mobile Device Management is often referred to as MDM. At its simplest; it is the remote administration of mobile devices such as smart phones, tablets and laptops. In practice, this can include tracking their location, accessing and manipulating their content such as installing corporate applications, and monitoring how the devices are being used. A famous recent example of is the tracking of driver’s smart phones by employers to know who was working their assigned route and who is playing golf instead. How Mobile Device Management Became a Big Deal The Bring-Your-Own-Device to work culture is the reason why MDM is becoming big business. As mobile devices became commonplace, many businesses were forced to embrace the idea of employees using their smart phones, tablets and laptops to access and send work related messages and data. But that created…

Microsoft Windows Server 2003 End of Life

It is very easy to feel comfortable with a server that has been running stably and reliably for years. When Windows Server 2003 was released it offered greatly enhanced scalability through additional RAM access and improved multithreading along with enhanced security. But there comes a day when the risks of keeping that server as is outweighs the benefits of leaving it as it. That day has been marked as July 14 2015 for Windows Server 2003, the last day that Microsoft will provide updates for the operating system. What can you expect? No More Updates After July 14th Microsoft will not provide patches, security updates or hot fixes. These unmatched vulnerabilities can lead to cybersecurity problems such as malicious attacks or even data loss. In addition most vendors will no longer provide driver update and patches leaving the hardware vulnerable to issues that can…

Understanding the risks of accepting Credit cards, PCI-DSS

Does your business accept credit cards? Do you need it to? You’ll want to understand what responsibilities you take on by accepting these forms of payment. Small businesses are prime targets for data thieves. If you don’t protect your systems against these, you may be subject to paying restitution, fines, or lose the ability to accept cards as payment. Security Standards The Payment Card Industry Data Security Standard (PCI DSS) is a compliant data transfer standardization that is used to ensure the security and privacy of the transfer of financial information. It was designed as a standard to ensure that any company that would process, store, or transmit credit card information maintains the security necessary to provide a secure pathway in which to transfer financial information. While PCI DSS is not a law, it is a global and almost universally accepted set of security…

Does my Forest Functional Level Matter?

For many administrators, domain functional levels on Windows Server 2008 R2 are somewhat of an afterthought. Because the default domain functional level works adequately for most environments, the procedure for raising the domain functional level is seen as an unnecessary complication. In reality, the raising procedure is straightforward and the benefits gained can prove to be well worth the minimal investment in time required to perform the raising procedure. In simple terms, the domain functional level dictates the implementation of Active Directory that is in use on your network. As you would expect, the higher the domain functional level, the more functionality that is available. In some cases, the additional functionality might be in the form of features, such as the ability to deactivate unnecessary attributes from the schema, that may not interest you all that much. In other cases, features like the ability…

Do you have a Patch Management Process?

Patch management is a circular process and must be ongoing. The unfortunate reality about software vulnerabilities is that, after you apply a patch today, a new vulnerability must be addressed tomorrow. The great news is that as a Bridgehead I.T. Client, the process is part of your monthly maintenance. Develop and automate a patch management process that includes each of the following: Detect. Use tools to scan your systems for missing security patches. The detection should be automated and will trigger the patch management process. Assess. If necessary updates are not installed, determine the severity of the issue(s) addressed by the patch and the mitigating factors that may influence your decision. By balancing the severity of the issue and mitigating factors, you can determine if the vulnerabilities are a threat to your current environment. Acquire. If the vulnerability is not addressed by the security…