cloud_img

Data in the Cloud – What You Need to Know

Everyone’s talking about the cloud – but what exactly is it?  Should you move your data to the cloud? How do you take advantage of the agility that the cloud offers, without putting your data at risk? Make sure you understand the basics of migrating and storing your data in the cloud:  the risks, rewards,…

Inside the World of Insider Threats, Part II: More on Motivation

One area the CMU CERT researchers looked into was the chain of events that cause a law-abiding employee to become an insider menace. For those who want to learn about the models the CMU team came up with, they’re welcome to read this fascinating paper on the topic. But I think I can summarize the…

We’ve Been Recognized by Gartner

We have good news to share. Gartner, a leading independent provider of IT advisory and market intelligence, has mentioned us in their first ever “Gartner, Market Guide for Data-Centric Audit and Protection (Lowans and Perkins, Nov. 2014)”. Gartner has given us a check mark in all five Data-Centric Audit and Protection (DCAP) categories: Data Discovery,…

The Journey to File Permission Perfection  

More devices than ever. More platforms to choose from. An expanding universe of data choices that can be both exciting and confusing at the same time. Tablets, phablets, laptops, iOS, Android, Windows, UNIX/Linux file servers, and NAS devices. Add SharePoint, Dropbox, Google Drive, and LinkedIn to the mix. These are all awesome platforms for allowing…

Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches

I had the chance to talk with cyber security expert Justin Cappos last month about the recent breaches in the retail sector. Cappos is an Assistant Professor of Computer Science at NYU Polytechnic School of Engineering. He’s well known for his work on Stork, a software installation utility for cloud environments. In our discussion, Professor…

NTLM warning

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2 ) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…

digital universe

The Expanding Data Universe

It’s June and half of the year is almost over. So it’s a good time for a data growth reality check.  Nearly every week, we continue to see validation in our news feed about how data is on an  exponential growth curve. Here’s more evidence: while “only” 4.4 Zettabytes of data was generated in 2013,…

3 Challenges for the National Patient-Centered Clinical Research Network (PCORnet)

3 Challenges for the National Patient-Centered Clinical Research Network (PCORnet)

Have you noticed that a lot of health information created daily during patient visits is still not digitized? And if it is, the opportunities to use this data for research and for prevention are often missed because the networks that store this data cannot easily collaborate or communicate with each other. Finally, at the end…

Digital StillCamera

Ultimate Security Wisdom From Verizon’s DBIR: Limit, Control, and Monitor

For those in IT too busy to read the 60-page Data Breach Investigations Report, Verizon provides the shorter executive summary. And to summarize the summary, they’ve come up with seven tips based on their analysis of over 60,000 security incidents. If I had to condense this list into a simple one sentence security mantra it…