Shadow IT and the inherent risks explained

What is Shadow IT? Shadow IT, a wonderfully ominous term, but what does it really mean? Essentially, Shadow IT is considered to be any IT system, service, mechanism, or methodology that has been adopted within your organisation outside of the view, control, oversight, or sanction of the organisation and IT Administration. Classic examples are file …

Read more

Spectre. Have you enabled or just installed the patches?

Spectre and Meltdown.  A lot has been said about the risks and potential effects of these . However, amongst all the noise around the status of firmware, patches, performance impact and so on, there is something that has maybe not been made clear enough. And that is that the difference in how the Microsoft patches …

Read more

User Authentication: Why I would get shot of passwords

Why would I get shot of passwords? User authentication is due an upgrade. Hopefully you are familiar with the multitude of reasons why passwords are a poor way to prove identity. And the compelling arguments for moving away from their use. This includes, but is not limited to, the prevalence of password sharing amongst MPs, …

Read more

Meltdown and Spectre. Quick work by Azure

Meltdown and Spectre. What are they? A new computer security vulnerability has been disclosed in the past few days, discovered by Google Project Zero, named Meltdown and Spectre. Essentially, the two issues allow unauthorised access to data, potentially even across virtual machines (VMs). This means, regardless of access levels, one VM could read sensitive information …

Read more

Client Access Rules for Exchange Online explained

Controlling end-user access to Exchange Online Control of end-user access to Office 365 is an important business requirement. If your organisation has deployed Office 365 you are probably familiar with Azure Active Directory’s Conditional Access Policies. And if Active Directory Federation Services (ADFS) has been deployed, AFDS Access Control Policies. Depending on conditions such as …

Read more

Security breach solutions: Microsoft Office 365 & Azure

The “Assume Breach Paradigm” seems a bit alarmist and unnecessary you may think. “In fact it’s probably just a way of making our organisation spend more” you might say. It is indeed alarmist, but there is substance behind it and unfortunately I have personal experience of breaches. Hence, my view is that some investment is …

Read more

Intrusion detection with Microsoft Azure & Office 365

In this blog, Peter Holland explains why Intrusion Detection is vitally important and why Microsoft’s solutions within Azure and Office 365 are not the intruder’s friend. What is Intrusion Detection? Not long ago, most organisations considered intrusion detection something to do with identifying an external party illegitimately connecting to internal systems and resources. The network …

Read more

SharePoint Workshops: What to Expect

Is your company looking for a better way to manage content and collaborate? Sign up for a SharePoint workshop from Silversands: Silversands has a long tradition of hosting informative, interactive IT workshops at various locations around the country. What to expect from an IT workshop The aim of these IT workshops is to give IT …

Read more

IT Security and Identity Management

Every business needs identity and IT security management Identity and IT security management are broad terms that cover many different solutions including Active Directory, malware protection, content inspection, endpoint protection and authentication, amongst others.  Whatever the specific requirement, the importance to the successful and secure operation of any organisation cannot be denied.  Silversands has the …

Read more