Whaling & CEO Impersonation: A simple (free) way to avoid it

While there is always a lot of focus on phishing emails directing users to malicious pages or capturing credentials using cloned websites, a still-very-common scam catches organisations out every day: the ceo impersonation scam. The aim of these scams is to have an employee – often a new one in the organisation – sent an…

Read more

Syncing SharePoint folders to Microsoft OneDrive

What are SharePoint and OneDrive? In order to understand synchronisation, we first need to understand what we are synchronising. SharePoint SharePoint is the Microsoft document management and Intranet tool – organisations can use it to store all their company files/data/folders and to restrict user access to them. SharePoint is a cloud-based product with advanced features…

Read more

Risk management in information security

Information security risk management is the process of identifying vulnerabilities to your information assets that could impact their confidentiality, integrity or availability along with the threats that could exploit those vulnerabilities – together these define the risk.  The next step is to evaluate the risk to determine its severity, usually by considering the impact if…

Read more

How does DNS work Cheatsheet / Infographic

We recently saw an infrographic posted to LinkedIn describing how DNS worked that was full of errors.  Now no simple diagram is going to cover all aspects of DNS but we feel that ours is the best balance of accuracy and simplicity! Some people suggested that the full DNS query (the FQDN) wasn’t submitted to…

Read more

Outlook Send Delay Guide

Have you ever clicked Send on an email only to have a moment of terror when you’re not sure if you sent it to the right recipient? Or worse, you knew you’d sent it to the wrong recipient, and it had sensitive information attached but it was too late to do anything. Fortunately, Outlook has…

Read more

Information Assets – what are they and why should I care?

Information security is all about ensuring the availbility, confidentiality and integrity of information assets (the CIA triad), however many organisations attempt the risk assessment phase of an information security programme without having clear visibility of what their information assets are or perhaps they are aware of some but haven’t prioritised nor modelled the threats against…

Read more