Data Security

Tips From the Pros: Best Practices for Managing Large Amounts of Shared Data

David Gibson

Dec 23, 2013

In our “Tips from the Pros” series, we’ll be the presenting interviews we’ve conducted with working IT professionals. These are the admins and managers responsible for security, access, and control...

How to Do Data Classification at Scale

Michael Buckbee

Nov 07, 2013

One of the important points we make in our recently published Information Entr opy report is that you can’t just decide you have intellectual property, issue NDAs to employees, and...

8 Things to Look for in File Auditing Software

Rob Sobers

Oct 03, 2013

Here is a list of 8 critical factors IT pros should consider when evaluating file auditing software.

What is Human Generated Data?

Rob Sobers

Sep 30, 2013

Unlike business application data, like a billing database or CRM system, or machine-generated data, such as the log files that servers generate, human-generated data is comprised of the emails, Word...

The Dangers of Shared Links

Rob Sobers

Jun 11, 2013

Many web applications give users the ability to share private information with unauthenticated users via obscure, publicly accessible URLs.  These URLs, often called “external links” or “shared links,” are a...

Personally Identifiable Information Hides in Dark Data

Michael Buckbee

Apr 30, 2013

To my mind, HIPAA has the most sophisticated view of PII of all the US laws on the books. Their working definition encompasses vanilla identifiers: social security and credit card...

Revealed: Secret PIIs in your Unstructured Data!

Michael Buckbee

Mar 21, 2013

Personally identifiable information or PII is pretty intuitive. If you know someone’s phone, social security, or credit card number, you have a direct link to their identity. Hackers use these...

Is DNA Really Personally Identifiable Information (PII)? No. Maybe? Yes!

Michael Buckbee

Feb 04, 2013

Biometric data is at the limits of what current personal data privacy laws consider worthy of protection. This type of identifier covers fingerprints, voiceprints, and facial images. While the risk...

Using Varonis: Who Owns What?

Brian Vecci

Dec 11, 2012

The key difference between attempting to assign data owners manually and attacking it intelligently with Varonis is the DatAdvantage audit trail.

The Definitive Guide to Cryptographic Hash Functions (Part II)

Rob Sobers

Aug 14, 2012

Last time I talked about how cryptographic hash functions are used to scramble passwords.  I also stressed why it is extremely important to not be able to take a hash...

Lessons Learned from Mat Honan's Epic Hacking

Rob Sobers

Aug 08, 2012

” Password-based security mechanisms — which can be cracked, reset, and socially engineered — no longer suffice in the era of cloud computing.” If you haven’t read Gizmodo writer Mat Honan’s...

The Definitive Guide to Cryptographic Hash Functions (Part 1)

Rob Sobers

Aug 02, 2012

Give me any message and I will create a secret code to obscure it. Try it! “This really opened my eyes to AD security in a way defensive work never...