NEW PRODUCT UPDATE: File Activity Monitoring – À la carte
Got some exciting news from STEALTHbits’ Product Management team last week about our new Data Activity Tracking product line, which offers customers the ability to monitor file access events on their Windows and NAS devices, including recently added support for EMC Isilon devices.
I asked them, “Why is this being treated as a new product? We’ve been offering this capability within our Data Access Governance solution for years.” Their answer was, “Because now we can offer it as a standalone p…
Higher Education, Higher Risk
Higher education is tough, and not just for the students attending and sleeping through early morning classes. Most people do not and never will know about the underlying challenges institutions must tackle in the face of compliance. On top of having to deal with thousands of young, rowdy, and generally inebriated students on a daily basis, they also must comply with the many government standards that are put before them, or be forced to take the brunt of costly monetary penalties and probabl…
Increased Focus on Insider Threat from the Verizon DBIR in 2014 – Who Do You Trust?
Every year Verizon produces the Data Breach Investigations Report (DBIR). It’s bad form on a blog to say “stop reading my content and go read this other content,” but I’ll start by saying that if you’ve never used this report as an asset in your security planning you should absolutely drop everything and go read this. Each year it’s a treasure trove of data and analysis. It’s also readable and has a sense of humor. Many people I know use its deep data and highly visual graphs to communicate t…
The War Called ITAR – Time to Turn the Tide
The International Traffic in Arms Regulation, popularly known as ITAR, is a set of regulations governing the export and import of defense goods and services. As simple as the definition may sound, ITAR is among the hardest of government regulations to understand and even harder to comply with. Because national interest is at stake, most manufacturers, exporters, defense contractors, and brokers of defense articles struggle to comprehend what constitutes ITAR data in their respective organizat…
Don’t Call It a Comeback
When I first started at STEALTHbits, times were different. Technology was different. There were different problems to solve then. And with the advent and evolution of an endless stream of new technologies over the past decade from mobile devices to social media, Voice-over-IP (VoIP) to “big data”, the problems to solve keep on coming.
Not surprisingly – especially considering the rate at which technology has evolved – “old” problems are still very “real” problems. One such instance is Patch …
HIPAA Violations – Remediation is Always More Expensive Than Prevention
The year is circa 1995; Major League Baseball players end a 232-day strike, Windows 95 is released by Microsoft, JavaScript is first introduced and deployed, the Grateful Dead announce their break-up, and Toy Story became the first ever wholly computer generated movie to be released. Did you also know that in 1995 the average inpatient medical record was accessed and viewed by at least 150 people during a typical five-day hospital stay by nursing staff, to receptionists to x-ray technicians? …
Why Big Data may make your heartbleed even more
Hope you had as much fun changing passwords over the last few days as I have. If you have not gotten to it yet, the best set of tools I found to deduce if a site is ready for a password switch post Heartbleed was in this Forbes article.
Just like Heartbleed has been a major distraction for every security and IT organization, it’s also got me off track in my thoughts about “big data”. Although it’s not totally off topic. You may recall a few weeks ago when the White House Office of Science an…
RSA Conference 2014 Recap: Mission Accomplished
At this year’s RSA Conference 2014 in San Francisco, Gary S. Miliefsky of Cyber Defense Magazine (CDM) visited the STEALTHbits booth where we got to talking about who STEALTHbits is, what we do, and what we were talking with conference attendees about at the show. Here’s what Gary had to say about STEALTHbits in his post-conference annual trip report, included in CDM’s Cyber Warnings E-Magazine released on April 1, 2014:
“I hung out with these guys for a bit and they told me that RSA Conferen…
Knowledge (and Data) is Power
Data security is an information technology topic that has moved beyond the walls of IT engineers and their peers to – well everyone else. Take for instance the recent security hole reported by Indiana University that resulted in an estimated 146,000 Indiana University students’ “personal data…inadvertently exposed to webcrawling programs since last March” per CNN.
The personal data that was exposed; “students names, addresses, and Social Security numbers…stored in an unsecure location that a…
Is Least Privilege Security Dead? A Gartner IAM London Afterthought
Sitting staring at the mountain of catch up here on my desk isn’t making me think the Gartner IAM Summit in London was a bad idea. It does make me want to distract myself. So my thoughts turn to Ant Allan’s part in the opening keynote. Opening keynotes by their nature are designed to be provocative. They cement thoughts that one ought to explore through the balance of a conference. One point Ant made certainly stuck with me: the death of least privilege. Simply summed up, this is the notion t…
