FTC Warning on Sharing Files in the Cloud

As part of a research project I’m doing on data breaches, I came across some great practical advice about file sharing in the cloud, courtesy of the Federal Trade Commission. By the way, the FTC also has extensive information on security incidents. In any case, this 2010 report warns businesses to carefully review the risks…

Using Varonis: “Fast Track” Recommendations

(This is one entry in a series of posts about the Varonis Operational Plan – a clear path to data governance.  You can find the whole series here.) Over time, a user’s access to systems and data in an organization tends to grow, regardless of their role or responsibilities. From an IT perspective, it’s much more…

Intrusion costs are expensive. Why do you ask?

According to the folks over at Identity Theft Research Center (ITRC), US companies, governmental agencies, universities, and other non-profits last year reported almost 450 breaches and over 17 million personal records exposed.  This was not nearly as bad as 2007, in which the number of stolen records reached a breathtaking 122 million. One metric that’s…

Using Varonis: Implementing Automatic Rules

(This is one entry in a series of posts about the Varonis Operational Plan – a clear path to data governance.  You can find the whole series here.) What good are rules if nobody follows them, right? If we put a business policy in place which dictates that only a select few users should ever have…

Identity Theft Is Still the Number One Consumer Complaint

Each year the Federal Trade Commission releases a report based on data from its Consumer Sentinel Network. Sentinel is a massive database of consumer complaints received directly by the FTC, as well as sent from state law enforcement organizations and the FBI’s Internet Crime Complaint Center. Unfortunately 2012 was a good year: the FTC saw a…

A Checklist to Help Your Family Improve Their Online Security

Rich Armstrong of Fog Creek Software, makers of the excellent productivity app Trello, created a handy checklist with sound advice that you can send to friends and family to help them avoid identity theft, malware, or a hijacked PayPal account (which Rich’s wife recently fell victim to). You’ll find the full checklist here.  Simply click…

Bring Your Own Demise [INFOGRAPHIC]

Bring Your Own Device (BYOD) is certainly not new, but its effects on security and employee behavior are still largely undetermined.  To quantify the impact of personal devices in corporate settings, Varonis conducted a short survey and compiled the results in a new research report. The results may surprise you — more than half of…

The Fallacy of the Security No-Man’s Land

Mike Rothman of Dark Reading wrote an interesting piece, which Bruce Schneier echoed last week, arguing that security vendors are focused on the top 1,000 enterprises, leaving the meager mid-sized businesses that live beneath the Security Poverty Line to fend for themselves.  Rothman: “These folks have a couple hundred to a couple thousand employees. That’s…

Start Sweating the Small Stuff

In his recent New York Times article, “That Daily Shower Can Be a Killer,” renowned geographer Jared Diamond observes how Americans tend to greatly exaggerate risks that are sensational and beyond our control—like plane crashes and nuclear radiation—yet underestimate the mundane, but more common risks that we can control—like slipping in the shower or falling…

PCI-DSS: New Mobile Security Guidelines Released

Last week the Payment Card Industry Security Standards Council (PCI SSC) released an important document on best practices for mobile payment security. Merchants have been rapidly adopting mobile devices—tablets, smartphones, notebooks, and other consumer gadgetry—as point-of-sale (POS) systems instead of using proprietary solutions. The trend will continue with experts predicting a $1 trillion mobile payment market…
