Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Search

Featured Blog

What is a Data Protection Impact Assessment (DPIA)?

| Farrah Gamboa | | Leave a Comment
Article 35 of the EU General Data Protection Regulation (GDPR) describes the requirement for organizations to “carry out an assessment of the impact of the envisaged processing operations on the protection of personal data”. This process referred to as a Data Protection Impact Assessment (DPIA), is an integral component of the GDPR, and if not carried out when required, can leave an organization open to enforcement action such as potentially steep fines.    In this blog…

What is Privacy by Design?

| Farrah Gamboa | | Leave a Comment
In this era of big data, it is in an organization’s best interest to seek to safeguard their critical data assets, especially sensitive data, to the best of their ability. However, data breaches continue to occur, and according to certain studies, are happening every minute. And now with more consumer data being collected than ever, these breaches pose a real problem not only to an organization’s operations but to their credibility. But imagine if data security, and possibly more importantly …

Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1

| Adam Rosen | | Leave a Comment
In my last blog, I stated that “data security can be achieved without data privacy, but you can’t effectively fulfill data privacy without data security. When it comes to complying with regulations, or protecting against breaches, if you don’t know your data, you won’t be able to justify it to a regulator, or safeguard it from malicious intent.” Complex, Heterogeneous Data Infrastructure Challenges Once you’ve discovered all the data in your organization, you can then write a report. Ho…

Data Privacy and Security are Two Sides of the Same Coin

| Adam Rosen | | Leave a Comment
Two things can be inherently related, even though they are thought of differently. Examples abound, from tragedy and comedy, to fear and elation. Many pairs just go hand in hand; like privacy and security.   Flipping a coin to resolve a decision will cause one person to win, and the other to lose. The same can be said for data privacy. Without data security, data privacy will be limited at best. The controls over data privacy are juxtaposed with the discovery, classification, access, …

Easily Prevent More Breaches by Simply Preventing Bad Passwords

| Rod Simmons | | Leave a Comment
A recent cyber-attack on the Canadian government was successful because of a well-known attack technique, credential stuffing. If you’re not familiar, credential stuffing is just taking credentials from one breach and using it to compromise a new organization.  It is successful because 62% of people reuse personal passwords on work systems. News of this attack broke on Monday, August 17, 2020, and it highlights how real the cyberattack risk is for every organization. Th…

The Growth of Global Data Privacy Laws – Beyond GDPR & CCPA

| Dan Piazza | | Leave a Comment
The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the charge. This means consumers around the globe are gaining rights regarding how their data is collected, stored, and sold, as well as more ways to hold companies accountable when poor data security practices lead to data breaches involving their personally identifiable information (PII)…

NTFS File Streams – What Are They?

NTFS file streams, also known as alternate data streams (ADS), are part of every file, as well as directories (folders), in a Windows NTFS volume.  NTFS files and folders are comprised of attributes one of which is $Data.  The content we normally associate with a file such as the text in a .txt file or the executable code in a .exe file is stored in the ‘default’ $Data attribute or ‘stream’.  The name string of this default attribute is empty (set to “”) thus it is often referr…

Data Subject Access Requests (DSAR) – How to Prepare & Respond

| Dan Piazza | | Leave a Comment
A term popularized by the EU’s General Data Protection Regulation (GDPR), a Data Subject Access Request, also known as a DSAR, is an individual’s right to request information on personally identifiable information (PII) an organization has gathered about them, how that organization is using that data, and who that data has been shared with. PII includes names, social security numbers, phone numbers, behavioral data, and more; pretty much anything that can be used to identify a specific indivi…

Types of Azure Storage: Blobs, Files, Queues, Tables, & Disks

Azure Storage is Microsoft’s cloud platform for scalable, modern data storage. If the number of options overwhelms you, then keep reading. Each Azure storage offering will be broken down into simple terms, while also addressing other things to consider when choosing a solution. To make things easier for users, Azure Storage offerings are: Cloud-basedDurableHighly availableSecureScalableManagedAccessible However, there’s not just one storage solution that fits all workflows. First, we…

Pro Tip – StealthINTERCEPT DB Maintenance Best Practices

It is important to monitor the size of the NVMonitorData SQL database that is used by StealthINTERCEPT (SI) to store the event data it collects. In production environments, the event dataset can grow significantly over time.  If left unchecked this DB growth will lead to excessive disk space usage and slowing performance over time inserting new event data.  In addition, users can encounter slow performance reporting data via either the SI Console or the Web Reporting modul…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL