What is Privacy by Design?
In this era of big data, it is in an organization’s best interest to seek to safeguard their critical data assets, especially sensitive data, to the best of their ability. However, data breaches continue to occur, and according to certain studies, are happening every minute. And now with more consumer data being collected than ever, these breaches pose a real problem not only to an organization’s operations but to their credibility. But imagine if data security, and possibly more importantly …
Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1
In my last blog, I stated that “data security can be achieved without data privacy, but you can’t effectively fulfill data privacy without data security. When it comes to complying with regulations, or protecting against breaches, if you don’t know your data, you won’t be able to justify it to a regulator, or safeguard it from malicious intent.”
Complex, Heterogeneous Data Infrastructure Challenges
Once you’ve discovered all the data in your organization, you can then write a report. Ho…
Data Privacy and Security are Two Sides of the Same Coin
Two things can be inherently related, even though they are thought of differently. Examples abound, from tragedy and comedy, to fear and elation. Many pairs just go hand in hand; like privacy and security.
Flipping a coin to resolve a decision will cause one person to win, and the other to lose. The same can be said for data privacy. Without data security, data privacy will be limited at best. The controls over data privacy are juxtaposed with the discovery, classification, access, …
Easily Prevent More Breaches by Simply Preventing Bad Passwords
A recent cyber-attack on the Canadian government was successful because of a well-known attack technique, credential stuffing. If you’re not familiar, credential stuffing is just taking credentials from one breach and using it to compromise a new organization. It is successful because 62% of people reuse personal passwords on work systems.
News of this attack broke on Monday, August 17, 2020, and it highlights how real the cyberattack risk is for every organization. Th…
Types of Azure Storage: Blobs, Files, Queues, Tables, & Disks
Azure Storage is Microsoft’s cloud platform for scalable, modern data storage. If the number of options overwhelms you, then keep reading. Each Azure storage offering will be broken down into simple terms, while also addressing other things to consider when choosing a solution.
To make things easier for users, Azure Storage offerings are:
Cloud-basedDurableHighly availableSecureScalableManagedAccessible
However, there’s not just one storage solution that fits all workflows. First, we…
Pro Tip – StealthINTERCEPT DB Maintenance Best Practices
It is important to monitor the size of the NVMonitorData SQL database that is used by StealthINTERCEPT (SI) to store the event data it collects. In production environments, the event dataset can grow significantly over time. If left unchecked this DB growth will lead to excessive disk space usage and slowing performance over time inserting new event data. In addition, users can encounter slow performance reporting data via either the SI Console or the Web Reporting modul…
What is an Access Link in SharePoint Online?
This is what it looks like to create an access link, in this blog I will explain which settings affect what options are available on these link creation pages. SharePoint is all about collaboration and sharing, and in the SharePoint Online cloud, giving access to resources is a bit different than the traditional method of giving a user or group access to something. In SharePoint Online access is primarily controlled via Access Links which can b…
Back to “The Basics” Blog Series – Part 3: Privileged Access
Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya”
Part 3 – Privileged Access
This is the final installment of a three-part series on Maersk, me, & notPetya, a blog post by Gavin Ashton about his experiences responding to and recovering from the NotPetya ransomware outbreak at Maersk. If you’ve missed Part 1 or Part 2, give them a quick read!
At the root of this attack, and so many before it lies …
How to Use Native SharePoint Online and OneDrive Activity Auditing
If you are a security analyst, engineer, admin, or otherwise responsible for protecting the personal and private data of employees and customers – the following 3 statistics should frighten you.
The frequency of insider threats incidents has increased by 47% in the past two years – the Ponemon Institute Disgruntled employees rank in the top 5 contributors for insider data breaches according to Verizon. Somewhere between 20 and 30 mil…
Back to “The Basics” Blog Series – Part 2: Active Directory
Part 2 – Active Directory
This is the second part of a three part series on Maersk, me, & notPetya, a blog post by Gavin Ashton about his experiences responding to and recovering from the NotPetya ransomware outbreak at Maersk.
Not everyone realizes that in the last several years ransomware has made significant advances in its ability to not just infect a single computer, but to also pivot from that computer and infect other workstations and servers. Following a common pattern …
