The Official STEALTHbits Blog
STEALTHbits’ blog focuses on critical issues surrounding Data Access Governance, Data Security, Unstructured Data, and more.
Pass the Hash - Avoid it at all costs, the hangover is terrible.
Written by Kevin FoisyThere’s been a lot of talk recently about the “Pass the hash” and “Pass the ticket” threats. In this blog post, I’ll talk a bit about what these threats are, how real they are, and what you can do to protect yourself. So first, what is it? These are two…
Insider Threat is so important it will never make headlines
Right now the headlines in the security world are on fire with hacks and breaches. There is a nasty number brewing at DHS involving federal employees, and there is the alleged largest hack of username and password data ever as well. I say “alleged” because some in the security world…
The Link Between Copy & Paste and a Potential Data Breach Drives DAG
One of the continually fascinating parts of my job is talking to customers and understanding how they decide to pursue some goals over others. Last week I had the chance to sit with a modest size department of a fairly large city. They have just brought on a new CIO…
Effective Risk Reduction
Written by Dawid CzaganRisk reduction is often associated with prevention only. Effective security, however, also needs detection and response. Those three (prevention, detection, response) are the fundamental pieces of the process oriented approach to IT security, which allows us to effectively reduce the risk and is the subject of this article. Risk and…
Active Directory Auditing and 3rd Party Backup Software
Written by Brett FernicolaHaving managed Active Directory and built solutions for the management of AD itself for many years, I’ve been asked by countless customers for my take on Active Directory Recovery solutions – Which is the best? What’s the best way to do it? Do you really need a 3rd party tool…Tags: Active Directory Active Directory Auditing Active Directory Backup STEALTHbits StealthINTERCEPTBe the first to comment! Read 928 times
The Data Access Governance (DAG) Market Heats Up
We’ve done 3 analyst briefings in the last 2 weeks. That’s not a huge surprise. What’s interesting is that these were analysts we had not spoken with before and that they all came to us. They all said the same thing, too. More people are asking about data access governance.…
Shared Network, Shared Security Burden
Written by Kyle KennedyDays later, after New York-Presbyterian agreed to pay out the largest settlement ever in a HIPAA violation case ($4.8M), the only thing we can ask ourselves is, “Why did this happen, and how could this have been prevented?” The breach was ultimately discovered by an external entity of the hospital…
HIPAA Violations - Remediation is Always More Expensive Than Prevention
Higher Education, Higher Risk
Written by Nate SorrentinoHigher education is tough, and not just for the people attending and sleeping through early morning classes. Most people do not and never will know about the underlying challenges institutions must tackle in the face of compliance. On top of having to deal with thousands of young, rowdy, and generally…
Increased Focus on #Insider #Threat from the Verizon #DBIR in 2014 – Who Do You Trust?
Every year Verizon produces the Data Breach Investigations Report (DBIR). It’s bad form on a blog to say “stop reading my content and go read this other content,” but I’ll start by saying that if you’ve never used this report as an asset in your security planning you should absolutely…