Our Top Predictions for 2012

It’s that time of year again—reruns of It’s a Wonderful Life (or The Lord of the Rings), comfy chairs in front of a blazing fire, libations and cheer, and when we start to consider what’s around the corner for us next year. This time we’re avoiding the long shopping list of predictions for a few…

Authorized Access – Understanding how US laws affect your authorization policies

In 1986, the United States Congress passed the Computer Fraud and Abuse Act (CFAA).  While the intent of these laws were originally to protect government computers and information from hackers, the laws have been applied to commercial interests, as well. Specifically, the Computer Fraud and Abuse Act subjects punishment to anyone who “knowingly and with…

Reduce Risk for Your Most Critical Assets: Data and People

Register for our TechTalk on December 1, 2:00 pm (EST) with Varonis partner, SPHERE Technology Solutions Every company knows that they have risk, either from external or internal forces, but few know where this risk comes from, how to measure it and more importantly how to effectively reduce their risk. It boils down to two…

Hampton Products

“We have a level of confidence now that we didn’t have before Varonis. DatAdvantage helps us simplify security and know with certainty that files and information at risk for overly permissive access are locked down.” That quote’s from Brian Millsap, CIO and Vice President at Hampton Products, who announced today that they’ve successfully implemented Varonis…

Data Authorization Processes – A need to relive the past

In 1941, the accounting governance body, the American Institute of Certified Public Accountants (AICPA) overhauled their Rules of Professional Conduct.  Rule 16 stated “A member or an associate shall not violate the confidential relationship between himself and his client.”  This provision was developed to guide Accountants (Data Stewards) and to reassure their customers (Data Owners)…

Big Data

Big data is in the news quite a bit these days as organizations become excited about the possible benefits of analyzing website traffic, database logs, and many other kinds of “Big Data.”  Some Big Data examples that are of particular interest are the spreadsheets, images, emails, audio files, video files, blueprints, and presentations that reside…

Open Shares

In my post last week, Share Permissions, I promised I’d write a follow up post on “open shares.” Open shares, in a nutshell, are folders that are accessible to all (or pretty much all) of the people on the network. In the Windows world, these are folders are that are shared over the network via…

Windows Auditing

Before we really dig into how we’re going to fix authorization problems, we need to tackle that last level of data protection: access auditing and analysis. With access control this basically means: are we recording what people are doing, and are we reviewing those logs to make sure what they’re doing is appropriate? Authorization implies…