Data Security

The Difference Between Everyone and Authenticated Users

Rob Sobers

Jul 03, 2012

In order to maintain proper access controls, it’s crucial to understand what every entity on an access control list (ACL) represents, including the implicit identities that are built into a...

SharePoint Permissions Cheat Sheet

Brian Vecci

Jun 05, 2012

Complexity is dangerous in the security world.  The harder something is to understand, the harder it is to protect.  SharePoint falls squarely into this category.  Configuring permissions in SharePoint can...

Exchange Journaling and Diagnostics: How to

Rob Sobers

May 03, 2012

Journaling and Diagnostics Logging are services to monitor and audit activity on Microsoft Exchange servers. They provide basic auditing functionality for email activity (e.g. who sent which message to whom)...

5 Things You Should Know About Big Data

Rob Sobers

Apr 24, 2012

Big data is a very hot topic, and with the Splunk IPO last week seeing a 1999-style spike, the bandwagon is overflowing.  We’re poised to see many businesses pivoting into...

What is OAuth? Definition and How it Works

Rob Sobers

Apr 05, 2012

OAuth (Open Authentication) is an open-standard authorization protocol or framework that provides applications the ability for “secure designated access.” It is a way for users to grant websites or applications access to their information without giving away their passwords.

Giving Away Your Passwords

Rob Sobers

Mar 30, 2012

You might have seen the headlines from the past couple of weeks detailing how some employers were demanding employees hand over their Facebook passwords or else. Privacy violation?  Just a...

Fixing the Open Shares Problem

David Gibson

Mar 29, 2012

I recently spoke with an IT administrator who had started a manual open share cleanup project—finding and locking down folders and SharePoint sites open to global access groups like Everyone,...

Why Do SharePoint Permissions Cause So Much Trouble?

Brian Vecci

Jan 06, 2012

SharePoint permissions can be the stuff of nightmares.  At Varonis, we get a chance to meet with a lot of SharePoint administrators and it’s rare that they’re not exhausted trying...

Open Shares

David Gibson

Nov 03, 2011

In my post last week, Share Permissions, I promised I’d write a follow up post on “open shares.” Open shares, in a nutshell, are folders that are accessible to all…

Share Permissions

David Gibson

Oct 25, 2011

In one of our recent posts, What About Individual Users on ACL’s? I mentioned that some organizations have opted for using Windows share permissions instead of NTFS permissions for file...

Levels of Data Protection

Brian Vecci

Sep 24, 2011

Wednesday, I spoke at ISSA’s monthly chapter meeting in Colorado Springs. Speaking at ISSA chapter events is great, because it’s always an intelligent crowd that quickly grasps issues around data...

What About Individual Users on ACL's?

David Gibson

Aug 20, 2011

One question I received in response to our recent post about aligning windows security groups and automating entitlement reviews was, “If you’re using single-purpose security groups and managing them automatically...