Varonis and Heartbleed

Here is a quick update for Varonis customers about Heartbleed: Heartbleed is a critical vulnerability in the OpenSSL implementation of SSL, which affects multiple sites across the Internet, and could be exploited to leak sensitive information. Varonis does not use OpenSSL anywhere in its product suite.  Varonis uses other SSL technologies, which are not affected by this…

Continue Reading

report-card-ferpa-edtech

For a passing grade, EdTech needs a privacy solution

Last week, New York state lawmakers passed legislation to prevent identifiable student data from being uploaded to a centralized national database. The database belongs to a non-profit in the growing education technology or EdTech sector. Their goal was to collect PII, student scores, attendance, and other information and then disseminate it to teachers and administrators…

Continue Reading

protips3

Tips From the Pros: Sharing 250 Million Folders With 100,000 Users

Q: How many users and how much data are you managing?

We have in excess of 100,000 actual people, 1.5 million accounts in AD, and 250,000,000 data folders.

Continue Reading

800px-Locked_wooden_door

Secrets of Active Directory Lockouts: How to Find Apps with Stale Credentials

No one needs to tell IT admins what’s on their short list of headaches: users forgetting their passwords usually ranks number one. For those who demand documented proof, there are survey results here to validate this point. Closely related, and just behind in terms of frequency and irritation level, are account lockouts. In an earlier…

Continue Reading

protips3

Tips From the Pros: 30TB, 1300 Users, and 400 SMB Shares

Q: How many users do you have and how much data are you managing?

A: We have about 1300 users and about 30TB of human generated data on file shares and SharePoint.

Continue Reading

active-directory

Top 10 Active Directory Tutorials on the Web

We’ve all heard of the many benefits of Active Directory (AD) for IT admins– it makes your job simpler because there’s a central vault of user information, and it’s scalable, supporting millions of objects in a single domain. However, it can be a pain in the ACLs to implement and maintain—a cluttered, misconfigured AD can…

Continue Reading

Podcast: Wi-Fi Security, Firesheep, and Pineapples with Troy Hunt

I recently had the pleasure of interviewing Troy Hunt, security researcher and Microsoft MVP.  If you haven’t read Troy’s blog or heard him speak, definitely check him out.  He’s truly one of the most prolific people in the security space these days. Troy and I chatted about: The exploitability of public Wi-Fi networks Cookie hijacking…

Continue Reading

800px-Alazani_Valley_Kakheti,_Georgia,_April_2007

Enterprise Search: Big Data Meets the Big Boss

Like many others, I think of Big Data as enormous data sets that are worthy of distributed processing, say in the multi-petabyte range. A petabyte for those who need a quick refresher is over 1 million gigabytes—a warehouse full of thumb drives. Typically, organizations enter the Big Data zone by collecting transactional data from tens…

Continue Reading

one-question-wish-breach-notification-letters-address

One Question I Wish all Breach Notification Letters Would Address

Recently, on two separate occasions, I received a new credit card and debit card, along with an ambiguous letter about why a new card was sent. My initial interpretation of the letter was that there had been a security breach.  However, calls to my credit card company and bank inquiring for more detailed information about…

Continue Reading