what you may have missed

What you may have missed

1. The FTC can now sue companies with loose security controls that result in a data breach if the company claims that consumer data is secure. No way! Yes way.  The U.S. District Court for the District Court of New Jersey upheld the FTC’s authority to regulate data security under the unfair or deceptive provisions of the…

Varonis and Heartbleed

Here is a quick update for Varonis customers about Heartbleed: Heartbleed is a critical vulnerability in the OpenSSL implementation of SSL, which affects multiple sites across the Internet, and could be exploited to leak sensitive information. Varonis does not use OpenSSL anywhere in its product suite.  Varonis uses other SSL technologies, which are not affected by this…

800px-Locked_wooden_door

Secrets of Active Directory Lockouts: How to Find Apps with Stale Credentials

No one needs to tell IT admins what’s on their short list of headaches: users forgetting their passwords usually ranks number one. For those who demand documented proof, there are survey results here to validate this point. Closely related, and just behind in terms of frequency and irritation level, are account lockouts. In an earlier…

protips3

Tips From the Pros: 30TB, 1300 Users, and 400 SMB Shares

Q: How many users do you have and how much data are you managing?

A: We have about 1300 users and about 30TB of human generated data on file shares and SharePoint.

Podcast: Wi-Fi Security, Firesheep, and Pineapples with Troy Hunt

I recently had the pleasure of interviewing Troy Hunt, security researcher and Microsoft MVP.  If you haven’t read Troy’s blog or heard him speak, definitely check him out.  He’s truly one of the most prolific people in the security space these days. Troy and I chatted about: The exploitability of public Wi-Fi networks Cookie hijacking…

800px-Alazani_Valley_Kakheti,_Georgia,_April_2007

Enterprise Search: Big Data Meets the Big Boss

Like many others, I think of Big Data as enormous data sets that are worthy of distributed processing, say in the multi-petabyte range. A petabyte for those who need a quick refresher is over 1 million gigabytes—a warehouse full of thumb drives. Typically, organizations enter the Big Data zone by collecting transactional data from tens…

data breach timeline

An Interactive Timeline of a Data Breach

With major data breaches in the news, we thought it would make sense to give Metadata Era readers a big picture view of a hypothetical incident—from start to finish. And what better way to do this than through a highly interactive timeline. The actual details of this fictional breach involving a company we call AEM…

4steps

Four Step Approach to Taming File Sharing Access

How many users and groups are in your Active Directory? Hundreds, thousands, tens of thousands?  Managing permissions to networked file shares at scale is complicated.   I don’t mean to alarm you, but: 1 TB of data usually contains about 50,000 folders About 5% of folders have unique permissions—that’s 2,500 ACLs Each ACL has an average of 4 groups Throw in multiple platforms with different permission schemes,…

ing direct

Varonis DatAdvantage Delivers Vital Intelligence to Keep ING DIRECT Secure

Responsible for over 1.4 million customers, ING DIRECT chose Varonis to ensure its systems are secure and that customers’ interests are protected at all times. With Varonis DatAdvantage, the bank is now able to monitor who is accessing and changing records to guarantee that all actions are authorized. It also allows ING DIRECT to visualize…

800px-Moscone_Center,_San_Francisco_(2013)

The ‘Varonis Track’ at RSA 2014

The tagline for the RSA Conference to be held later this month (2/24 – 2/28) at San Francisco’s Moscone Center is “where the world talks security.”  The Varonis team will also be there (South Expo #2309) to talk security.  At the Metadata Era, we’ve been lately focusing on new threats based on a combination of…