Data Retention in the Social Media Era

 A variety of industry research analysts have indicated that 3 of the top 10 priorities for IT in 2013 will be initiatives focusing on BYOD, cloud computing and business analytics obtained via Social Media.  While these initiatives provide clear business benefits, they will challenge data retention and records management policies for most organizations. BYOD, cloud…

My Grandmother Uses Dropbox — Why can’t I?

My first involvement with tech occurred in the early 80s. I recall the days of modems, time division multiplexors, acoustic couplers, and dipswitches. Most people don’t realize it, but cloud-based file sharing existed in the 80s; it required an account with a major X.25 “cloud” service provider, such as Tymnet or Telenet. At the…

Top 5 Reasons Why Organizations Want a Dropbox Alternative

During a recent visit to Brazil, I encountered many customers and partners who faced a similar challenge – providing their clients with a safe, secure and genuinely easy way to share files and collaborate with data.  All faced a number of barriers and none were happy with the current offerings of cloud based file sharing solutions. …

What Do U.S. Security Legislation and Insurance Companies Have in Common?

Answer: Both may affect the way businesses determine what constitutes appropriate security measures. In February, Senators Joe Lieberman, Susan Collins, John D. Rockefeller IV, and Dianne Feinstein introduced the Cybersecurity Act of 2012. The intent of the Act is to give the Department of Homeland Security (DHS) additional power to set cyber security standards for…

Another Great Trade Robbery

“The Great Trade Robbery” – currently used in the context of questionable international trading policies and lopsided sports team player trades – now has yet another meaning. Two recent articles about Digital Espionage and IP theft by the Chinese Government and Chinese businesses describe a new trade robbery that has apparently been going on for some time, and the…

Forensic Investigation of Data Theft (Part 3)

In my last post, we determined that someone added a fictitious user account, “Allen Carey,” to Active Directory and this account was used to steal trade secrets from “Alpha Chemicals.” Fortunately, you had the foresight to install the DatAdvantage suite of products which will help recreate the activities performed by “Allen Carey” but more importantly,…

Forensic Investigation of Trade Secret Theft (Part 2)

In our recent blog post, we discussed a hypothetical situation where the General Counsel of “Alpha Chemicals” approached you and requested a whole bunch of information about “Allen Carey,” including documents he accessed and email messages he read related to the company’s blockbuster product, “Transparent Aluminum”, and a list of permissions that “Allen” had to…

Forensic Investigation of Trade Secret Theft

Imagine this: You’re working in Security Operations for a major chemical company and the General Counsel shows up at your desk and asks you to provide the following information about the company’s next generation space-age polymer, commonly known as “transparent aluminum”: all documents accessed by a specific employee, “Allen Carey”; any documents that contain the…

Substantially Reducing Risk by Cleaning Up Access Permissions

The article “The Art of Profiling Cyber Criminals,” published in Dark Reading on December 8th, 2011, provides a brief outline of the characteristics of a typical cyber criminal. The article is of interest because of its detailed description of the malicious insider. Of particular interest is the following quote: “Around 65 percent of malicious insiders have…

Authorized Access – Understanding how US laws affect your authorization policies

In 1986, the United States Congress passed the Computer Fraud and Abuse Act (CFAA). While the intent of these laws was originally to protect government computers and information from hackers, the laws have been applied to commercial interests as well. Specifically, the Computer Fraud and Abuse Act subjects to punishment anyone who “knowingly and with…