Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night


Browsed By
Category: Uncategorized

Active Directory Auditing and 3rd Party Backup Software

Having managed Active Directory and built solutions for the management of AD itself for many years, I’ve been asked by countless customers for my take on Active Directory Recovery solutions – Which is the best? What’s the best way to do it? Do you really need a 3rd party tool to do it right? AD recovery software can be a very risky proposition. Generally speaking, I believe it to be a violation of best practices to perform recoveries on Active Directory unless there has been a catastrophic …
The Data Access Governance (DAG) Market Heats Up

We’ve done 3 analyst briefings in the last 2 weeks. That’s not a huge surprise. What’s interesting is that these were analysts we had not spoken with before and that they all came to us. They all said the same thing, too. More people are asking about data access governance. It’s coming up in briefings about security, identity and access management (IAM), SIEM, information governance, master data management (MDM), eDiscovery, and more. It also seems it’s not just the “who has access to what?” …
Shared Network, Shared Security Burden

Days later, after New York-Presbyterian agreed to pay out the largest settlement ever in a HIPAA violation case ($4.8M), the only thing we can ask ourselves is, “Why did this happen, and how could this have been prevented?” The breach was ultimately discovered by an external entity of the hospital when they found a deceased patient’s data online. However, they (the hospital), upon further investigation, found that the health records of another 6,800 hospital patients had become publicly av…
What’s the Buzz About DFARS?

It seems as if every day, more and more regulations are being implemented across a broad range of industries. Consequently, more and more compliance and data breaches are making their way to the news. One of our previous posts, “Export Control Compliance,” outlined some of the most prominent defense regulations instated today – ITAR and EAR. Another recent buzz word adding to this list is DFARS – The Defense Federal Acquisition Regulation Supplement. DFARS was implemented as a supplemen…

NEW PRODUCT UPDATE: File Activity Monitoring – À la carte

Got some exciting news from STEALTHbits’ Product Management team last week about our new Data Activity Tracking product line, which offers customers the ability to monitor file access events on their Windows and NAS devices, including recently added support for EMC Isilon devices. I asked them, “Why is this being treated as a new product? We’ve been offering this capability within our Data Access Governance solution for years.” Their answer was, “Because now we can offer it as a standalone p…
Increased Focus on Insider Threat from the Verizon DBIR in 2014 – Who Do You Trust?

Every year Verizon produces the Data Breach Investigations Report (DBIR). It’s bad form on a blog to say “stop reading my content and go read this other content,” but I’ll start by saying that if you’ve never used this report as an asset in your security planning you should absolutely drop everything and go read this. Each year it’s a treasure trove of data and analysis. It’s also readable and has a sense of humor. Many people I know use its deep data and highly visual graphs to communicate t…
The War Called ITAR – Time to Turn the Tide

The International Traffic in Arms Regulation, popularly known as ITAR, is a set of regulations governing the export and import of defense goods and services. As simple as the definition may sound, ITAR is among the hardest of government regulations to understand and even harder to comply with. Because national interest is at stake, most manufacturers, exporters, defense contractors, and brokers of defense articles struggle to comprehend what constitutes ITAR data in their respective organizat…
Don’t Call It a Comeback

When I first started at STEALTHbits, times were different. Technology was different. There were different problems to solve then. And with the advent and evolution of an endless stream of new technologies over the past decade from mobile devices to social media, Voice-over-IP (VoIP) to “big data”, the problems to solve keep on coming. Not surprisingly – especially considering the rate at which technology has evolved – “old” problems are still very “real” problems. One such instance is Patch …

HIPAA Violations – Remediation is Always More Expensive Than Prevention

The year is circa 1995; Major League Baseball players end a 232-day strike, Windows 95 is released by Microsoft, JavaScript is first introduced and deployed, the Grateful Dead announce their break-up, and Toy Story becomes the first-ever wholly computer-generated movie to be released. Did you also know that in 1995 the average inpatient medical record was accessed and viewed by at least 150 people during a typical five-day hospital stay, from nursing staff to receptionists to x-ray technicians? …
Why Big Data may make your heartbleed even more

Hope you had as much fun changing passwords over the last few days as I have. If you have not gotten to it yet, the best set of tools I found to deduce if a site is ready for a password switch post Heartbleed was in this Forbes article. Just like Heartbleed has been a major distraction for every security and IT organization, it’s also got me off track in my thoughts about “big data”. Although it’s not totally off topic. You may recall a few weeks ago when the White House Office of Science an…

© 2022 Stealthbits Technologies, Inc.
