I mentioned last week that organizations are moving toward using single-purpose security groups, where each shared folder has a read group and a write group on its ACL, and these groups are not used to permission other folders or resources. … Continue reading →

More and more of the companies I’ve been meeting with recently are discussing the need to align groups with data, and then to perform entitlement reviews (aka permissions audits/attestations) on the re-aligned groups or the data itself. One administrator took … Continue reading →

One of the things our customers ask us from time to time is how RSA DLP, RSA Archer and Varonis can work together. RSA Archer is an eGRC or enterprise governance, compliance and risk product. It’s designed to help organizations … Continue reading →

Many times in organizations there is such a focus on databases in regards to PCI Compliance that other critical data repositories are neglected to the detriment of an organizations compliance efforts. E-Commerce Times, just published an article by David Gibson, Director … Continue reading →