Podcast: Wi-Fi Security, Firesheep, and Pineapples with Troy Hunt

I recently had the pleasure of interviewing Troy Hunt, security researcher and Microsoft MVP. If you haven’t read Troy’s blog or heard him speak, definitely check him out. He’s truly one of the most prolific people in the security space these days. Troy and I chatted about:

- The exploitability of public Wi-Fi networks
- Cookie hijacking…

Enterprise Search: Big Data Meets the Big Boss

Like many others, I think of Big Data as enormous data sets that are worthy of distributed processing, say in the multi-petabyte range. A petabyte, for those who need a quick refresher, is over 1 million gigabytes—a warehouse full of thumb drives. Typically, organizations enter the Big Data zone by collecting transactional data from tens…

One Question I Wish all Breach Notification Letters Would Address

Recently, on two separate occasions, I received a new credit card and debit card, along with an ambiguous letter about why a new card was sent. My initial interpretation of the letter was that there had been a security breach. However, calls to my credit card company and bank inquiring for more detailed information about…

Gigaom Structure 2014: Big Data Needs Nutritional Information

Gigaom Structure, the Big Data conference that swept into town this week, proved yet again that this fuzzy name can mean a lot of different things to people. Here are a few things we learned from the speakers. For Formula 1 car makers, it’s the data collected from race drivers to fine-tune their cars’ engines,…

An Interactive Timeline of a Data Breach

With major data breaches in the news, we thought it would make sense to give Metadata Era readers a big picture view of a hypothetical incident—from start to finish. And what better way to do this than through a highly interactive timeline. The actual details of this fictional breach involving a company we call AEM…

Four Step Approach to Taming File Sharing Access

How many users and groups are in your Active Directory? Hundreds, thousands, tens of thousands? Managing permissions to networked file shares at scale is complicated. I don’t mean to alarm you, but:

- 1 TB of data usually contains about 50,000 folders
- About 5% of folders have unique permissions—that’s 2,500 ACLs
- Each ACL has an average of 4 groups

Throw in multiple platforms with different permission schemes,…

Varonis DatAdvantage Delivers Vital Intelligence to Keep ING DIRECT Secure

Responsible for over 1.4 million customers, ING DIRECT chose Varonis to ensure its systems are secure and that customers’ interests are protected at all times. With Varonis DatAdvantage, the bank is now able to monitor who is accessing and changing records to guarantee that all actions are authorized. It also allows ING DIRECT to visualize…

EU Data Protection Reform Train Picks Up Speed

On Wednesday the EU Parliament voted to approve its data protection reforms with 621 in favor and only 10 against. After a long and contentious legislative process, the key “one-stop” shop idea, wherein a single data protection authority will enforce uniform regulations across all 28 member nations, remains in this finalized legislation. The vote also…

Malevolent Marketplaces

When considering security, it’s typical to think of systems in terms of technology: bugs, errors, and broken or exploited code. However, underlying the technical issues we face every day as technology professionals, there are economic forces attempting to exploit those cracks in the security facade for their own gain. While that fact is fairly self-evident and an intrinsic…

On Authentication

The basis of any modern security system is authentication—ensuring someone is who they say they are. By far, the most prevalent means of authentication in use today was invented in the 1960s: the username and password. In the ensuing five decades, so much has changed: computers aren’t kept in glassed-off rooms, hard drives aren’t the size of…
