PROTIP – How to Purge Data in StealthAUDIT
If you have been using StealthAUDIT for your data access governance (DAG) and compliance needs, then you have likely come across situations where you would like to purge data pertaining to a specific host being monitored. In addition, when you upgrade to a newer release of StealthAUDIT, there might be a need to drop all the tables related to a specific job.
While the StealthAUDIT back-end database uses SQL Server with a published and open data model, it is not advisable to delete data or d…
3 Strategies to Ensure Readiness for DSARs
A data subject access request (DSAR) is a common requirement in privacy regulations today. It grants individuals the right to request all the personally identifiable information (PII) an organization has gathered about them, along with how the organization is using that data and who they’ve shared it with.
Responding to DSARs can be a daunting task for any organization. In fact, Gartner reports that manually processing a single request costs organizations more than $1,400 and takes most…
Scanning for Sensitive Data in Azure Storage (Blobs) with Stealthbits AnyData
The Importance of Cloud Storage – From SMBs to the Enterprise
With the release of Version 11.0, StealthAUDIT’s Sensitive Data Discovery tools now include our AnyData connector, which allows users to scan any storage repository for sensitive data. This is an incredibly powerful workflow, as it gives StealthAUDIT users the ability to scan cloud data repos in addition to traditional, on-premises data storage.
Year after year, the number of cloud storage vendors is increasing and their use…
Active Directory Permissions – Hiding in the Shadows
Understanding the Risk of Active Directory Permissions and Shadow Access
I recently covered the topic of Active Directory permissions by giving an overview on how to apply them and view what already exists in your organization. In this blog, I’ll be taking a deeper dive into Active Directory permissions, outlining potential risks that exist when certain permissions are applied to certain objects.
Why Do Active Directory Permissions Create Risk?
So how do Active Directory permissions …
PROTIP – Fulfill a DSAR with StealthAUDIT 11.0
A Data Subject Access Request (DSAR), a common term amongst data privacy regulations, is an individual’s right to request information on personally identifiable information (PII) an organization has gathered about them, how that organization is using that data, and who that data has been shared with. Responding to a DSAR could be a daunting task for organizations, which often lack the necessary plumbing to be able to identify exactly where a given individual’s PII exists within their environm…
Introducing the Data Privacy Engine
Today, we are introducing a new method to tackle Data Subject Access Requests (DSARs) that will enable our customers to obtain results in seconds. Available as an add-on to complement StealthAUDIT, Data Privacy Engine effectively connects identities with the location of their personal information. Thanks to the pre-discovery of attributes of data subjects across all repositories (structured, unstructured, on-premise, in the cloud, etc.) along with an understanding of which files and tables re…
Global Compliance Demands: The Singaporean Personal Data Protection Act (PDPA) Reviewed
The push for data privacy regulation has exploded in recent years, with the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) taking center stage. Gartner predicts “ By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.”
For much of the world, this regulatory shift will have a substantial impact on the way businesses collect and process information. However, organiz…
Data Privacy Trends to Watch Out For in 2021
Data privacy has become the expectation for every consumer across the globe, becoming more than a set of rules and regulations driven by compliance standards, but rather one of the primary pillars upon which customer loyalty and brand recognition stand upon. A continuously-developing pandemic, a majority of people working from home, and new data privacy laws regularly – all indications that 2021 will be a huge year for data privacy.
COVID-19 Pandemic Leaves a Lasting Impression
Th…
Leveraging OpenSSH to Move Files in Windows Server 2019
Having worked with Unix and Linux servers for a long time, one feature that I came to appreciate is the Secure Shell (SSH) daemon. The SSH server daemon allows users to securely connect to Linux and Unix servers using an SSH client. Those of you who work with Linux and Unix servers are quite familiar with open-source SSH tools such as Putty and WinSCP. Personally, I find WinSCP quite helpful as it allows me to transfer files back and forth from my Windows desktop machine to …
Best Practices – Setting up StealthAUDIT SQL Server Database
If you decided to implement StealthAUDIT to meet your data access governance and security needs, then you made the right decision. StealthAUDIT core requires a SQL Server database to store the audited data, configuration settings, and certain historic data. In this blog, I will review some of the best practices when it comes to setting up the SQL Server database to be used by StealthAUDIT. This blog is not intended to replace the StealthAUDIT Installation Guide, but rather s…
