FBI Investigates Punxsutawney Phil

One of the items on my blog check-list was to review the presentations from the Blackhat 2013 conference held earlier this summer. While browsing their archives I came across former FBI Chief Security Officer Patrick Reidy’s talk on insider threats. He hooked me on the blurb for his PowerPoint, which, to paraphrase, went something like,…

Continue Reading

The Value of Sandboxes

There’s been a lot of talk about malware sandboxing as a form of protection against advanced persistent threats (APTs). The idea behind malware sandboxing is that you can drop suspicious binaries into a virtualized environment, execute them, and observe what happens without posing any risk to your production systems.  After the malicious code wreaks its…

Continue Reading

Get the Big Picture on Health Care Data Security: Varonis’s Interactive HIPAA Breach Map

Lately there have been some troubling signs that healthcare data breaches are on the rise. Besides recent headline-making hospital data security incidents, the Ponemon Institute just released a survey estimating that about 1.8 million adult-age Americans were victims of medical identity theft in 2013. That’s up 20% from the previous year’s results. And the Identity Theft…

Continue Reading

The HIPAA Omnibus Rule [In Plain English]

It’s the final countdown! By September 23 2013, all covered entities have to comply with the HIPAA Omnibus Rule (aka the Final Rule) or face noncompliance penalties. Not sure where to start?  Omni-who?  Rather than read through 500+ pages of dense legal jargon, we’ve boiled the changes down into a quick, easy-to-understand punch list. 1….

Continue Reading

Data Security Breaches: Case in Point

There are a lot of breach statistics to choose from across the web. Verizon DBIR, Ponemon, PwC ,and ITRC are just some of the surveys we’ve come across and have used as reference points for our own understanding of data security. Statistics are of course important, but reviewing actual cases helps reveal the truth behind…

Continue Reading

Boston University Selects Varonis for Data Protection

Varonis is proud to announce that it is helping Boston University bolster its data loss prevention strategy. Having initially investigated traditional DLP technologies, BU found that the majority of the solutions could only answer one aspect of DLP — where sensitive data was located — but couldn’t determine who had access to it or who…

Continue Reading

Real-time Alerting and Monitoring with Varonis DatAlert

Today we’re happy to announce Varonis Data Governance Suite 5.9 beta, which includes the launch of Varonis DatAlert.  DatAlert improves your ability to detect possible security breaches, misconfigurations, and other issues, by providing customizable alerts in real-time. With DatAlert you can: Monitor sensitive configuration files on Windows and UNIX/Linux servers Detect changes made outside of…

Continue Reading

Top 10 InfoSec People to Follow on Twitter

Twitter is an excellent place to get curated security news from the people on the ground, so to speak. Here’s my personal top 10 InfoSec people to follow on Twitter. This list will give you a really good mix–from attacking SSL to data leaks to web app security best practices–these prolific folks are full of…

Continue Reading

Big Data Best Privacy Practices, FTC-style

Did you miss the keynote address given by FTC Commissioner Ramirez at the Aspen Forum? No worries, you can find the full text here, and it will make good iPad reading while you’re at the beach. Titled “The Privacy Challenges of Big Data: A View from the Lifeguard’s Chair”, the Commissioner’s speech turned into a…

Continue Reading

Data Protection for IaaS

Running an Infrastructure as a Service (IaaS) business comes with its fair share of technical challenges: availability, multi-tenancy, redundancy, scalability, etc.  Running an IaaS for the financial services sector presents even more complexity, especially with respect to data protection. Options, global provider of IaaS for the financial services sector, has over 130 financial services clients…

Continue Reading