INSIDER THREAT SECURITY BLOG

Yesterday I got to sit with a CIO and his staff at a fast growing company in the biotech space. They’re making a lot of profit and have a unique opportunity to onboard technologies to solve their problems. They have a very sophisticated user base – people doing biotech work are generally smart, well informed about IT and tech savvy. That means they are under pressure to deliver on solutions fast and the users have opinions about how those solutions should be built and the results they should …

Gone are the days of PC manufacturers taking pride in not just the hardware they ship, but the configuration and setup of the Operating System. I remember reading PC Magazine way back when drooling over benchmarks that the new Micron Pentium MMX 200 tower was a split second faster than the Dell Pentium MMX 200. Back then manufacturers would try to squeeze every little drop of performance out of their boxes to compete for king of the hill. Now we are so spoiled with multicore handheld supercom…

I sat with a very demanding prospect this week who is putting our solution through the most thorough evaluation we’ve ever seen. It’s going very well, and this meeting was another check point after they spent some time testing and came up with a new batch of questions. I was invited in to talk about what it means to run a Data Access Governance campaign as part of a larger Identity and Access Governance program or on its own. That discussion was pretty quick, as they have not yet made a move …

Everyone knows that you can’t solve the problems you don’t see. Seeing a problem itself doesn’t necessarily solve it, but if we can’t see the problems in the first place, then without our knowledge hidden potential ones can become visible with all kinds of consequences – see “Sony Pictures Inc.”. I was working with a couple of clients at the end of last year and ran into issues that make the same point, although a lot less spectacularly. For the first client, we were in early stages of a P…

When a user logs on to their workstation in the morning, Active Directory authenticates them and authorizes their access. When they access a network file share or SharePoint site, RDC to another system, log into CRM, open up Outlook, or do any number of things where access is involved, AD handles the request and approves or denies entry. Active Directory is the authentication and authorization hub of nearly every organization’s IT infrastructure, and it sees all. The vast amount of the eve…

If you’re like me, you probably leverage Windows Server as your primary desktop OS. Recently, I ran into an issue with 2012R2 that had me scratching my head for a while. The basic issue was no matter what I tried, every time I added the feature Desktop Experience it magically disappeared on reboot. So, let’s analyze why I even needed this feature and what the simple fix was. Hopefully, this info will help someone down the line.People often wonder why they can’t seem to get features like Flash…

It is possible to audit a remote registry on a target host (even a domain controller) without being an administrator of the target. This has been asked several times over the years by fellow engineers so I decided to document how to do it.There are two things that will need to be set: Remote registry needs to be enabled on the target host One of two security parameters need to be set The account being leveraged needs to be a member of the Backup Operators group on the target ho…

Everyone knows that you can’t solve the problems you don’t see. Seeing a problem itself doesn’t necessarily solve it, but if we can’t see the problems in the first place, then without our knowledge hidden potential ones can become visible with all kinds of consequences – see “Sony Pictures Inc.”. I was working with a couple of clients at the end of last year and ran into issues that make the same point, although a lot less spectacularly. For the first client, we were in early stages of a P…

We’re in the midst of training week for our sales for here at STEALTHbits. That means repeating many ideas we want to be sure they understand and they will help our potential customers understand. One of the facts that we often quote is the 800% increase expected in the next 5 years, which is an analyst prediction from 2013. Every time I say it or see it in print it surprises me. It’s counter-intuitive. You would think with the increases in mobile and cloud and apps in business use, the rate …

2015 Second Annual Data Breach Industry Forecast – Experian Stats/Quotes: “You’re going to be hacked. Have a plan.” – Joseph Demarest, Assistant Director of the FBI Cyber Division More than 500 million financial records have been stolen by hackers in the past 12 months – attributed to Joseph Demarest, Assistant Director of the FBI Cyber Division 59% of security incidents in the last year were the result of employee negligence and malicious insiders. These are also the least reported ca…