The Difference between CIFS and SMB

I’ve received quite a few questions from both new and experienced sysadmins, about networked filesystems and file sharing protocols.  One question that comes up frequently is, “What is the difference between CIFS and SMB?” There are many idiosyncrasies, and the terminology can be confusing, so I’m going to boil down the essentials in an easy-to-follow…

Continue Reading


A National US Breach Notification Law May Be on the Way

Last month when I was prognosticating about the year ahead in data regulations, I held out some vague hope that there might come to pass a law on the national level with minimal standards for PII protection. There have been a few proposals that have been kicking around Congress over the years, any one of…

Continue Reading


Secrets to Preventing POS-based Attacks in Retail

There’s still much mystery surrounding the recent cyber heist in which tens of millions of credit card numbers were removed from a major retailer’s POS system, though we learn more almost every day. The always indispensable Krebs is a good starting point for background information and very informed speculation.  There are good reasons—based on FBI…

Continue Reading

Tips From The Pros: Streamlined Group Structure for 4500 Users

Another from our Tips interviews with working IT professionals.  
Q: How many users and how much data are you managing?

A: Currently, we have about 4500 people in our research department, and about 150TB of data, which we just moved from EMC Celerra NAS devices to EMC Isilon.

Continue Reading

Random-graph-Erdos_generated_network.svg (1)

Connecting the Dots between Phishing, Human Generated Data, and Data Exposure

Last week, I wrote about some of the implications of Bruce Schneier’s recent talk at a cryptography conference held in New York.  In short: APTs in combination with phishing attacks have upset the data security balance of power, with hackers (and government intelligence) coming out ahead.  If you’ve been following along at the Metadata Era,…

Continue Reading


3 Things CIOs Can Learn From Snapchat

Snapchat, one of the most popular mobile apps amongst teenage girls, can teach CIOs a thing or three about technology and communication. 1. Data should have a shelf-life The flagship feature of Snapchat is ephemerality. Snaps are designed to disappear forever* in 10 seconds or less. This cuts against the grain of most social services…

Continue Reading


Cryptography May Not Be Dead, But It Is on Life Support

Cindy and I had the good fortune of attending part of the Real World Cryptography Workshop held last week in New York City. We went primarily to listen to Bruce Schneier discuss the implications of the Snowden documents. But we quickly learned from others sessions that there was an underlying context to this conference.  Over…

Continue Reading


The Year Ahead in Data Protection Regulations

One area we expect to see interesting movement in 2014 is the role of government in setting data security regulations and policy. Sure, the EU has long had far more comprehensive regulations than the US, but a few recent events have helped to raise US public awareness of security and privacy. Is this the year…

Continue Reading

Helping Brands Understand COPPA, Part II

In Part I, Dan gave a lot of background on COPPA and offered some tips for understanding whether your business is impacted by the new regulations. Now, he digs into the nitty gritty.

Continue Reading

Tips From The Pros: Organizing Access For 15TB of File Data

More from our Tips interviews with working IT professionals.  

Tell me about your environment—how many users, how much data, etc.?

 A: We have over 600 users and 15TB of shared CIFS data. We have a single domain that contains over 1000 security groups.

Continue Reading