More Articles on Privacy by Design than Implementation – IOSS 17

Going from policy to implementation is no easy feat because some have said that Privacy by Design is an elusive concept. In this episode, we meditated on possible solutions such as incentivizing and making privacy the default setting. We even talked about the extra expense of having a Privacy by Design mindset. What do you […]

Threatbusters – IOSS 16

If there’s something strange on your network, who should we call? The security team! Well, I like to think of them as Threatbusters. Why? They’re insatiable learners and they work extremely hard to keep security threats at bay. In this episode, we talk about awesome new technologies (like computer chips that self-destruct and ghost towns that […]

New SamSam Ransomware Exploiting Old JBoss Vulnerability

One of the lessons learned from the uptick in ransomware attacks is that it pays to keep your security patches up to date. A few months ago the SamSam/Samas malware was (and is still) having great success primarily against healthcare companies and hospitals. The attack vector, though, was not based on phishing or social engineering. […]

Six Authentication Experts You Should Follow

Our recent ebook shows what’s wrong with current password-based authentication technology. But luckily, there are a few leading experts who are shaping the future of the post-password world. Here are six people you should follow: 1. Lorrie Cranor @lorrietweet Lorrie Cranor is a password researcher and is currently Chief Technologist at the US Federal Trade Commission. She is […]

Summer Reminder: Cloud Storage Ain’t All That Private

I’ve written before about the lack of privacy protections for consumers storing content in the cloud. In looking back over my notes, I’d forgotten just how few cloud privacy rights we have in the real world. Using the typical terms of service (ToS) from some major providers as a benchmark, your rights to the uploaded […]

Protecting Bridget Jones’s Baby

In the wake of the Sony Pictures breach, studios are getting much smarter when it comes to data protection. A shining example is Miramax, a global film and television studio best known for its award-winning and original content such as 2016’s Bridget Jones’s Baby with Universal Pictures and Studio Canal. Miramax was […]

Data Privacy US-Style: Our National Privacy Research Strategy

While the EU has been speeding ahead with its own digital privacy laws, the US has been taking its own steps. Did you know there’s a National Privacy Research Strategy (NPRS) white paper that lays out plans for federally funded research projects into data privacy? Sure, the Federal Trade Commission has taken up the data privacy […]

Active Directory in Plain English

It is tough getting started with Active Directory. There are lots of reasons for this: the years of cruft, the inherent complexity, the intimidating raw power… and the fact that everything has about six different names. To help make sense of this, we’ve translated AD terms back into something a human might use when conversing […]

Enterprise Security Gaps: a Ponemon Institute Study

We recently sponsored a study about data protection and enterprise security with the Ponemon Research institute: Closing Security Gaps to Protect Corporate Data: A Study of U.S. and European Organizations. A primary focus was to research security gaps within organizations that lead to data breaches and ransomware attacks – what are the leading causes? How […]

SQL Server Best Practices, Part II: Virtualized Environments

It is 2016 and some people still think SQL Server cannot be run on a virtual machine. SQL Server can successfully run in a VM, but SQL is resource-intensive by nature, so if you are going to virtualize SQL you simply must adhere to best practices. Not following best practices can be the […]

One Take Away from Black Hat 2016: Designer Ransomware!

We had an amazing week at Black Hat 2016. One topic that was on attendees’ minds — besides hacking Jeeps and chip-and-pin technology — was ransomware. A security analysis firm now warns us that ransomware has become more clickable because the thieves are localizing the phish mail. You should watch the video below for the full […]
