Featured Content
-
Apr 30, 2013
Personally Identifiable Information Hides in Dark Data
To my mind, HIPAA has the most sophisticated view of PII of all the US laws on the books. Their working definition encompasses vanilla identifiers: social security and credit card...
Michael Buckbee
3 min read
-
Mar 21, 2013
Revealed: Secret PIIs in your Unstructured Data!
Personally identifiable information or PII is pretty intuitive. If you know someone’s phone, social security, or credit card number, you have a direct link to their identity. Hackers use these...
Michael Buckbee
3 min read
-
Feb 04, 2013
Is DNA Really Personally Identifiable Information (PII)? No. Maybe? Yes!
Biometric data is at the limits of what current personal data privacy laws consider worthy of protection. This type of identifier covers fingerprints, voiceprints, and facial images. While the risk...
Michael Buckbee
3 min read
-
Jan 16, 2013
From the HIPAA Case Files: Jail Time, Fines, and Access Rights
While I was conducting some research on compliance laws for a customer, I found myself reviewing the penalties written into the 1996 Health Information Portability and Accountability Act, otherwise known...
Michael Buckbee
3 min read
-
Dec 11, 2012
Using Varonis: Who Owns What?
The key difference between attempting to assign data owners manually and attacking it intelligently with Varonis is the DatAdvantage audit trail.
Brian Vecci
3 min read
-
Nov 15, 2012
4 Secrets for Archiving Stale Data Efficiently
In order for organizations to find an effective solution to help deal with stale data and comply with defensible disposition requirements, there are 4 secrets to efficiently identify and clean-up stale data...
Rob Sobers
3 min read
-
Aug 14, 2012
The Definitive Guide to Cryptographic Hash Functions (Part II)
Last time I talked about how cryptographic hash functions are used to scramble passwords. I also stressed why it is extremely important to not be able to take a hash...
Rob Sobers
2 min read
-
Aug 08, 2012
Lessons Learned from Mat Honan's Epic Hacking
” Password-based security mechanisms — which can be cracked, reset, and socially engineered — no longer suffice in the era of cloud computing.” If you haven’t read Gizmodo writer Mat Honan’s...
Rob Sobers
4 min read
-
Aug 02, 2012
The Definitive Guide to Cryptographic Hash Functions (Part 1)
Give me any message and I will create a secret code to obscure it. Try it! “This really opened my eyes to AD security in a way defensive work never...
Rob Sobers
3 min read
-
Jul 03, 2012
The Difference Between Everyone and Authenticated Users
In order to maintain proper access controls, it’s crucial to understand what every entity on an access control list (ACL) represents, including the implicit identities that are built into a...
Rob Sobers
2 min read
-
Jun 05, 2012
SharePoint Permissions Cheat Sheet
Complexity is dangerous in the security world. The harder something is to understand, the harder it is to protect. SharePoint falls squarely into this category. Configuring permissions in SharePoint can...
Brian Vecci
2 min read
-
May 15, 2012
Data Classification Tips: Finding Credit Card Numbers
Data classification is a critical piece of the data governance puzzle. In order to be successful at governing data, you have to know—at all times—where your sensitive data is concentrated,...
Rob Sobers
1 min read