INSIDER THREAT SECURITY BLOG

While you’re more likely to be familiar with accessing network file shares via Server Message Block (SMB), or the Windows implementation of SMB (CIFS), the Network File System (NFS) is still prevalent in modern production environments, such as on Unix servers like NetApp ONTAP and Dell EMC Isilon/PowerScale OneFS. Originally designed in 1984 at Sun Microsystems with roots in Unix, NFS is an open standard for distributing a file system across a network for multi-client access. Currently at…

The Importance of Cloud Storage – From SMBs to the Enterprise With the release of Version 11.0, StealthAUDIT’s Sensitive Data Discovery tools now include our AnyData connector, which allows users to scan any storage repository for sensitive data. This is an incredibly powerful workflow, as it gives StealthAUDIT users the ability to scan cloud data repos in addition to traditional, on-premises data storage. Year after year, the number of cloud storage vendors is increasing and their us…

Sysmon is an important tool within Microsoft’s Sysinternals Suite, a comprehensive set of utilities and tools used to monitor, manage, and troubleshoot the Windows operating system. Per Microsoft’s own definition, Sysmon “provides detailed information about process creations, network connections, and changes to file creation time. By collecting the events it generates using Windows Event Collection or SIEM agents and subsequently analyzing them, you can identify malicious or anomalous act…

Understanding the Risk of Active Directory Permissions and Shadow Access I recently covered the topic of Active Directory permissions by giving an overview on how to apply them and view what already exists in your organization. In this blog, I’ll be taking a deeper dive into Active Directory permissions, outlining potential risks that exist when certain permissions are applied to certain objects. Why Do Active Directory Permissions Create Risk? So how do Active Directory permissions…

A Data Subject Access Request (DSAR), a common term amongst data privacy regulations, is an individual’s right to request information on personally identifiable information (PII) an organization has gathered about them, how that organization is using that data, and who that data has been shared with. Responding to a DSAR could be a daunting task for organizations, which often lack the necessary plumbing to be able to identify exactly where a given individual’s PII exists within their environ…

Today, we are introducing a new method to tackle Data Subject Access Requests (DSARs) that will enable our customers to obtain results in seconds. Available as an add-on to complement StealthAUDIT, Data Privacy Engine effectively connects identities with the location of their personal information. Thanks to the pre-discovery of attributes of data subjects across all repositories (structured, unstructured, on-premise, in the cloud, etc.) along with an understanding of which files and tables r…

Active Directory Delegated Permissions Overview The importance of Active Directory permissions cannot be understated, the capability for users to write and perform certain actions against your Active Directory can lead to unintended changes, unnecessary risk for attack vectors and lateral movement, or total domain compromise. In this blog, I’ll be going over, at a high level, how Active Directory permissions are applied, and how to view them natively. In the future, I’ll be covering how t…

The push for data privacy regulation has exploded in recent years, with the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) taking center stage. Gartner predicts  “ By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.” For much of the world, this regulatory shift will have a substantial impact on the way businesses collect and process information. However, organi…

Data privacy has become the expectation for every consumer across the globe, becoming more than a set of rules and regulations driven by compliance standards, but rather one of the primary pillars upon which customer loyalty and brand recognition stand upon.  A continuously-developing pandemic, a majority of people working from home, and new data privacy laws regularly – all indications that 2021 will be a huge year for data privacy. COVID-19 Pandemic Leaves a Lasting Impression T…

Having worked with Unix and Linux servers for a long time, one feature that I came to appreciate is the Secure Shell (SSH) daemon.  The SSH server daemon allows users to securely connect to Linux and Unix servers using an SSH client.  Those of you who work with Linux and Unix servers are quite familiar with open-source SSH tools such as Putty and WinSCP.  Personally, I find WinSCP quite helpful as it allows me to transfer files back and forth from my Windows desktop machine to…