The HDI 2016 Conference and Expo happened last week in Orlando, Florida. For ManageEngine, it was a busy, engaging, and a very satisfying experience. IT admins, help desk managers, and others walked into our booth to check out the host of ManageEngine products, keeping us on our toes throughout the day. ManageEngine’s flagship product, ServiceDesk Plus, was in focus. A few customers walked in and shared their ServiceDesk Plus experiences with inquiring visitors—let’s call it word-of-mouth marketing!
As always, the HDI event was packed with keynote speeches and multiple learning tracks. The expo floor buzzed with action as attendees shared their help desk stories, pain poin…
Come join other ManageEngine users on June 1-2, 2016, in New Jersey and learn new ways to make managing your IT even more fun. We know—we didn’t think it was possible, either.
You are invited to our two day event filled with presentations, hands on demonstrations, question and answer panels, and one-on-one sessions to help you make IT management simple, fast, and efficient. You can also network with our experts and other ManageEngine users.
At UserConf16, you will gain insight into our solutions for IT service management, IT operations management, Windows Server and Active Directory management, Device management, and IT …
According to a recent report by Deloitte, the average cost of a data breach to a single Australian business is more than $2.5 million per year. On top of that, the average breach compromises more than 20,000 records (accounts or credentials). These numbers are expected to rise as organisations confront the twin challenges of protecting their on-premise software well as their applications in the cloud. It is really no surprise that in a recent survey reported by CIO.com, the majority of CIOs listed IT security as one of their chief priorities for the year 2016.
The adaptive security architecture can help enterprises shift their existing mind-set of “incident response,” wherein incidents ar…
Accessing web resources securely is essential for enterprises and educational institutions. And so, mobility management now includes the ability to filter web content. With web content filtering, organizations can manage, restrict, and channelize content to specific user groups. Limiting website access not only improves productivity, it also functions as a valuable security feature. It enables you to dodge malware attacks from malicious web pages.
How it works.
The web content filtering feature works on Apple mobile devices running iOS 7 and above, using a Safari browser. In addition, the devices must be supervised with Apple Configurator or Device Enrollment Program through a mobile device …
In a recent conference, I was privy to a insightful session on password cracking. No, not pass-the-hash, pass-the-ticket, token manipulation, or other high-tech techniques. Rather, just simple brute force hacks, with some twists. It reinforced what I have been teaching for years, which is that our passwords are nearly worthless. Let me explain.
Most organizations allow users to use weak and pathetic passwords. A typical password policy looks like this:
- Minimum password length: 6 to 10 characters
- Types of characters in the password: At least 3 or the 4 required (a, A, 1, $)
One would think, since that is the default from Microsoft, that it would be a good recipe for a strong password. Unfortunately, it is not. …
Many organizations rely on user account attributes to run queries against Active Directory and get lists of user accounts. For example, an administrator might run a query against the department attribute to find all finance users. If, however, a user’s department is not filled out in Active Directory, the user will not be returned in any query for department (unless a query of null is run).
So, how can you require certain essential user account attributes to get the results you want?
You could update the Active Directory schema to make the required user account attributes mandatory. This might end up being a large issue, as it requires that the attribute be configured before the user account is created. …
Email is an indispensable business communication medium. It’s fast, targeted, and makes it simple for the recipient to respond. With mobile devices transforming workplaces, email communication has become more pervasive and valuable. Unfortunately, this transformation has a dangerous side effect: data leakage due to the vulnerability of the mobile devices.
Clearly, email security is the need of the hour. With the arrival of mobility management tools, one practical way of securing email is by managing the mobile devices that access email. You can do just that with Exchange ActiveSync’s for mobile devices.
Give email access only to managed devices.
I know I’m not alone on this one. I travel a lot, and I always hated when my password expired while I was traveling, but I wasn’t notified. Sure, there is a notification built into Windows, but that only shows up as a pop-up on your computer when you’re logged in to the corporate network. What about road warriors who use a VPN or remote applications? It’s very frustrating when passwords expire and you’re in a remote location.
To eliminate this problem, why not help users out by giving them notifications through other means, not just a pop-up on their computer? We can do that! Our solution gives you two of the best possible options for mobile, or even in-house, users.
In my previous blog, we learned about the basics of adaptive security architecture .We also learnt why enterprises need to focus on a more comprehensive and progressive approach to address their IT security risks.In this blog, we will learn some of the main reasons why enterprises should adopt adaptive security architecture.
Traditionally, enterprise security has focused on blocking and prevention techniques (e.g., antivirus software) as well as policy-based controls (e.g., firewalls). However, sophisticated targeted attacks are easily bypassing traditional firewalls and signature-based prevention mechanisms, making it impossible to protect the enterprise platforms with those techniq…
User accounts that were created yet the user never logged in – such user accounts are a significant security issue for all Active Directory environments. You can read more details about this security issue here.
Given the security risk posed by these user accounts, how do we address that risk? Ideally, we would want an automated system to help out. There is a solution, which is automated! The solution is ADManager Plus.
In order to automate a solution to address the problem, we need to consider the following parameters:
- Obtaining a list of user accounts that have never had a user log in.
- Obtaining the “when created date” for each user account obtained in parameter 1.
- Determining the length of time that is ac