What you may have missed

What You May Have Missed

1. There were many articles on #Heartbleed this week, and if you only have time to read one very interesting article about it,  this is the one.  Bruce Schneier, this blog’s favorite security expert, calls Heartbleed “catastrophic”, and thankfully he provides a link to an app that can check a site’s vulnerability to this deadly…

report-card-ferpa-edtech

For a passing grade, EdTech needs a privacy solution

Last week, New York state lawmakers passed legislation to prevent identifiable student data from being uploaded to a centralized national database. The database belongs to a non-profit in the growing education technology or EdTech sector. Their goal was to collect PII, student scores, attendance, and other information and then disseminate it to teachers and administrators…

800px-Anonymous_at_Scientology_in_Los_Angeles

Malevolent Marketplaces

When considering security, it’s typical to think of systems in terms of technology: bugs, errors, and broken or exploited code. However, underlying the technical issues we face every day as technology professionals, there are economic forces attempting to exploit those cracks in the security facade for their own gain. While that fact is fairly self-evident and an intrinsic…

esg-logo-web

Why It Matters: Varonis Data Governance Suite

One of my favorite things about working for Varonis is that we let our products do the talking.  All of our products are free to try.  We want people to get real, quantifiable value before they pull out their wallet and spend a dollar with us. On rare occasion, for one reason or another, an…

bloor

Varonis Shines in Bloor Research’s Data Governance Market Update

Bloor Research published its market update for data governance.  Included were a bevy of vendors in the structured data governance space, with stalwarts like IBM and SAP featured prominently. In the burgeoning unstructured data governance market, where arguably the greatest technical challenges lie, Varonis was the only vendor featured. In the unstructured space we have…

800px-Moscone_Center,_San_Francisco_(2013)

The ‘Varonis Track’ at RSA 2014

The tagline for the RSA Conference to be held later this month (2/24 – 2/28) at San Francisco’s Moscone Center is “where the world talks security.”  The Varonis team will also be there (South Expo #2309) to talk security.  At the Metadata Era, we’ve been lately focusing on new threats based on a combination of…

beenhacked

Secrets to Preventing POS-based Attacks in Retail

There’s still much mystery surrounding the recent cyber heist in which tens of millions of credit card numbers were removed from a major retailer’s POS system, though we learn more almost every day. The always indispensable Krebs is a good starting point for background information and very informed speculation.  There are good reasons—based on FBI…

Random-graph-Erdos_generated_network.svg (1)

Connecting the Dots between Phishing, Human Generated Data, and Data Exposure

Last week, I wrote about some of the implications of Bruce Schneier’s recent talk at a cryptography conference held in New York.  In short: APTs in combination with phishing attacks have upset the data security balance of power, with hackers (and government intelligence) coming out ahead.  If you’ve been following along at the Metadata Era,…

snapchat-cio

3 Things CIOs Can Learn From Snapchat

Snapchat, one of the most popular mobile apps amongst teenage girls, can teach CIOs a thing or three about technology and communication. 1. Data should have a shelf-life The flagship feature of Snapchat is ephemerality. Snaps are designed to disappear forever* in 10 seconds or less. This cuts against the grain of most social services…