Category Archives: Data Security

5 FSMO Roles in Active Directory

fsmo roles hero

Active Directory (AD) has been the de facto standard for enterprise domain authentication services ever since it first appeared in late 1999 (in Windows Server 2000). There have been several enhancements and updates since then to make it the stable and secure authentication system in use today. In its infancy, AD had some rather glaring flaws. If you had multiple Domain Controllers (DC) in your domain, they would fight over which DC gets to make…

[Podcast] Dr. Wolter Pieters on Information Ethics, Part Two

[Podcast] Dr. Wolter Pieters on Information Ethics, Part Two

In part two of my interview with Delft University of Technology’s assistant professor of cyber risk, Dr. Wolter Pieters, we continue our discussion on transparency versus secrecy in security. We also cover ways organizations can present themselves as trustworthy. How? Be very clear about managing expectations. Declare your principles so that end users can trust that you’ll be executing by the principles you advocate. Lastly, have a plan for know what to do when something…

Verizon 2018 DBIR: Phishing, Stolen Passwords, and Other Cheap Tricks

Verizon 2018 DBIR: Phishing, Stolen Passwords, and Other Cheap Tricks

Like the rest of the IT security world last week, I had to stop everything I was doing to delve into the latest Verizon Data Breach Investigations Report. I spent some quality time with the 2018 DBIR (after drinking a few espresso), and I can sum it all up in one short paragraph. Last year, companies faced financially driven hackers and insiders, who use malware, stolen credentials, or phishing as attack vectors. They get in…

[Podcast] 41% of organizations have at least 1,000 sensitive files open to ...

[Podcast] 41% of organizations have at least 1,000 sensitive files open to all employees

This week, we talk about our annual data risk assessment report and sensitive files open to every employee! 41% of companies are vulnerable to this problem. The latest finding put organizations at risk as unsecure folders give attackers easy access to business roadmaps, intellectual property, financial and health data, and more. We even discussed how data open to everyone in an organization relates to user-generated data shared with 3rd party apps. Is it a data…

What Experts Are Saying About GDPR

What Experts Are Saying About GDPR

You did get the the memo that GDPR goes into effect next month? Good! This new EU regulation has a few nuances and uncertainties that will generate more questions than answers over the coming months. Fortunately, we’ve spoken to many attorneys with deep expertise in GDPR. To help you untangle GDPR, the IOS staff reviewed the old transcripts of our conversations, and pulled out a few nuggets that we think will help you get ready.…

[Podcast] Varonis Track at RSA 2018

[Podcast] Varonis Track at RSA 2018

We’re all counting down to the RSA Conference  in San Francisco April 16 – 20, where you can connect with the best technology, trends and people that will protect our digital world. Attendees will receive a Varonis branded baseball hat and will be entered into a $50 gift card raffle drawing for listening to our presentation in our North Hall booth (#3210). Attendees that visit us in the South Hall (#417) will receive a car vent…

Risk Management Framework (RMF): An Overview

risk framework management

The Risk Management Framework (RMF) is a set of criteria that dictate how United States government IT systems must be architected, secured, and monitored. Originally developed by the Department of Defense (DoD), the RMF was adopted by the rest of the US federal information systems in 2010. Today, the RMF is maintained by the National Institute of Standards and Technology (NIST), and provides a solid foundation for any data security strategy. The elegantly titled “NIST…

58% of organizations have more than 100,000 folders open to all employees

58% of organizations have more than 100,000 folders open to all employees

Like a wardrobe malfunction during a live broadcast, no one wants to be overexposed – especially when it comes to your data. The surprising truth: most companies go about their business blithely unaware that some of their most sensitive data is wide open. And by “some” we mean a lot. In fact, our latest research shows that 41% of organizations had at least 1,000 sensitive files open to all employees. As we know, it only…

[Podcast] I’m Elena Khasanova, Professional Services Manager at Varonis, ...

[Podcast] I’m Elena Khasanova, Professional Services Manager at Varonis, and This is How I Work

Prior to Varonis, Elena Khasanova worked in backend IT for large organizations. She did a bit of coding, database administration, project management, but was ready for more responsibility and challenges. So seven years ago, she made the move to New York City from Madison, Wisconsin and joined the professional services department at Varonis. With limited experience speaking with external customers and basic training, Varonis entrusted her to deploy products as well as present to customers.…

[Podcast] Dr. Wolter Pieters on Information Ethics, Part One

[Podcast] Dr. Wolter Pieters on Information Ethics, Part One

In part one of my interview with Delft University of Technology’s assistant professor of cyber risk, Dr. Wolter Pieters, we learn about the fundamentals of ethics as it relates to new technology, starting with the trolley problem. A thought experiment on ethics, it’s an important lesson in the world of self-driving cars and the course of action the computer on wheels would have to take when faced with potential life threatening consequences. Wolter also takes…

Data Integrity: What is it and How Can You Maintain it?

data integrity hero

If your company’s data is altered or deleted, and you have no way of knowing how, when and by whom, it can have a major impact on data-driven business decisions. This is why data integrity is essential. To understand the importance of data integrity to a company’s bottom line, let us examine what it is, why it’s significant, and how to preserve it. Data integrity refers to the reliability and trustworthiness of data throughout its…