10 Insights On Enterprise Data Book Cover

10 Insights on Enterprise Data [Free eBook]

If you follow IDC’s Digital Universe study each year, you can know that the enterprise technology landscape is fast-changing.  Data growth is out of control and companies are scrambling—with limited resources—to manage, protect, and extract value from their data. So what’s next for enterprises as we approach 2014?  We collaborated with talented designer Gregory Koberger…

Continue Reading

banksy

If the NSA can’t track its data, how can you?

I have a simple test for you.  Let’s call it the Snowden test: Create a folder named “Highly Confidential” on your company’s shared file server Put a few meaningless files with top-secret file names into the folder Delete the folder Now for the fun part—call your IT department and ask them what happened to your…

Continue Reading

checklist

HIPAA’s Revamped Auditing Program: Will You Be Ready in 2014?

Now that we’re well past the compliance date for the HIPAA Omnibus Final Rule, it’s time to start looking ahead at the next milestone—enforcing those rules.  One aspect of enforcement that’s expected to increase next year is more auditing visits from the regulators. The Department of Health and Human Services (HHS) has announced it will…

Continue Reading

Introducing DatAnywhere 1.5

We’re happy to announce today that DatAnywhere 1.5 is generally available.  DatAnywhere has gained strong adoption in its first year of existence, helping organizations deliver the cloud file sync experience using corporate file servers and NAS devices. One of the key benefits of DatAnywhere over other private cloud solutions is how simple it is to…

Continue Reading

we own4

Lessons from the Government’s Cyber Crime Cases: Don’t Let Hackers ‘Own the Site’

As part of another project I’m working on, I’ve been reviewing real-world investigations of hackers—at least the ones who were caught and  facing trials in the Federal criminal court system. You can learn much about the hacker mindset and also by extension what organizations are missing in their data security by reading the indictments filed…

Continue Reading

Live TechTalk: More Fuel For Your SIEM

Security Information and Event Management (SIEM) offers an excellent way to combine and analyze multiple data streams and generate alerts that help protect your organization. But a SIEM is only as powerful as the data it consumes. Does your SIEM currently receive file and folder access events? How about SharePoint and Exchange activity?  There is a…

Continue Reading

688px-US_Navy_031206-N-9693M-517_Army_and_Navy_football_players_vie_for_control_of_the_ball_during_the_104th_Army_Navy_Game

Back to Basics: Payment Card Industry’s DSS 3.0

The long awaited revision to the credit card industry’s security standards was published last month. As expected, the latest version of Data Security Standard (or DSS) has clarified and strengthened existing requirements and has added a major new section for penetration testing. Among the improvements are stronger rules for passwords, authentication, and audit trails. If…

Continue Reading

ssh-2

How Did Snowden (Really) Do It?

I recently stumbled across an article in Dark Reading entitled “How Did Snowden Do It?”  The piece does a great job pointing out how failures in authentication allowed Snowden to gain access to sensitive data repositories, acting both as himself and impersonating other privileged users. The author states that Snowden a.) used social-engineering to convince…

Continue Reading