Shadow IT and the inherent risks explained

What is Shadow IT? Shadow IT, a wonderfully ominous term, but what does it really mean? Essentially, Shadow IT is considered to be any IT system, service, mechanism, or methodology that has been adopted within your organisation outside of the view, control, oversight, or sanction of the organisation and IT Administration. Classic examples are file …

Read more

Spectre. Have you enabled or just installed the patches?

Spectre and Meltdown.  A lot has been said about the risks and potential effects of these . However, amongst all the noise around the status of firmware, patches, performance impact and so on, there is something that has maybe not been made clear enough. And that is that the difference in how the Microsoft patches …

Read more

User Authentication: Why I would get shot of passwords

Why would I get shot of passwords? User authentication is due an upgrade. Hopefully you are familiar with the multitude of reasons why passwords are a poor way to prove identity. And the compelling arguments for moving away from their use. This includes, but is not limited to, the prevalence of password sharing amongst MPs, …

Read more

Security breach solutions: Microsoft Office 365 & Azure

The “Assume Breach Paradigm” seems a bit alarmist and unnecessary you may think. “In fact it’s probably just a way of making our organisation spend more” you might say. It is indeed alarmist, but there is substance behind it and unfortunately I have personal experience of breaches. Hence, my view is that some investment is …

Read more

Intrusion detection with Microsoft Azure & Office 365

In this blog, Peter Holland explains why Intrusion Detection is vitally important and why Microsoft’s solutions within Azure and Office 365 are not the intruder’s friend. What is Intrusion Detection? Not long ago, most organisations considered intrusion detection something to do with identifying an external party illegitimately connecting to internal systems and resources. The network …

Read more