Governing Data Access to Meet Security, Compliance and Operational Standards

Governing Data Access to Meet Security, Compliance and Operational Standards

Part 6: Governing Data Access to Meet Security, Compliance and Operational Standards In this 6th and final post of our “Moving from Checkbox Compliance to True Data Security” blog series, we’re going to see how all the work we’ve done in discovering where our data lives, collecting and analyzing relevant information about our data, monitoring activity, and restructuring access rights will pay off in a major way. As you’ve likely gathered already, “Governance” is a pretty important component of a…

Read More Read More

Restructuring Permissions to Achieve a Least Privilege Access Model

Restructuring Permissions to Achieve a Least Privilege Access Model

Part 5: Restructuring Permissions to Achieve a Least Privilege Access Model In part 4 of this 6-part blog series, ‘Moving from Checkbox Compliance to True Data Security,’ we discussed why it’s important to monitor file share activity before you begin to take any action so you can get a full understanding of: Who is leveraging their access privileges What types of operations each user performs Who is creating or contributing the most amount of content If you’ve completed that step and…

Read More Read More

ProTip – Protecting Sensitive Data Step-up Authentication

ProTip – Protecting Sensitive Data Step-up Authentication

In prior ProTips we have explored discovering sensitive data throughout the environment, managing access to that data and monitoring it. Today’s ProTip focuses on adding an additional layer of protection that protects sensitive data in the event of a Ransomware outbreak, or compromised credentials being used to steal data. Creating the Investigation First, we create an investigation that looks for users accessing sensitive data. There are several things that happen behind the scenes – first data is discovered, classified and…

Read More Read More

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

The American psychologist B. F. Skinner conducted an experiment to examine how superstitions are formed. Using one of his favorite test subjects, pigeons, he observed that the pigeons associated whatever chance actions they had been performing when they were fed. Some of the birds would turn twice, while others would peck three times and they all repeated these behaviors with the expectation that they would be rewarded with food. Traditional cyber security has been suffering from this condition for quite…

Read More Read More

Monitoring Sensitive Data Activity and Identifying Data Owners

Monitoring Sensitive Data Activity and Identifying Data Owners

If you’ve been following along in this 6-part Checkbox Compliance to True Data Security series, you should have a better understanding of how to locate your data, pinpoint which data is considered sensitive or risky to your organization, and compile a priority list of the sensitive data you’ll want to govern first. You may be thinking that once you’re done with the above it’s time to start making changes to security and locking down the risky data you found, however,…

Read More Read More

Collect and Analyze Relevant Data Points to Assess Risk

Collect and Analyze Relevant Data Points to Assess Risk

The goal of the Collect and Analyze phase is to assess relevant data points to answer critical questions like what’s the sensitivity of the data, who has access to it, who owns it, and what’s the age of that data.  When you begin to understand the answers to these questions, you can then begin prioritizing the resources that are at most risk and limiting access to them as you work towards achieving a Least Privilege Access model.

Prioritizing Data Access Governance Initiatives Through Discovery

Prioritizing Data Access Governance Initiatives Through Discovery

Organizations are starting to shift their focus to establish a core set of principles around protecting their data, and they need a blueprint to help them get started. This series serves as the blueprint that will help your organization chart a course to proper data security. The first step in establishing a Data Access Governance program is Discovery.

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Those of you that are familiar with STEALTHbits know that protecting credentials is in our DNA – there is no separating credential protection from a sane data protection strategy. The operative word being “sane”. Earlier this year we introduced the first iteration of our Enterprise Password Enforcer, a password policy enforcement tool for Active Directory. In the first release, we focused on creating a solution that was transparent and operationally friendly. It did not require reboots when updating policies or…

Read More Read More

Deploying Pass-the-Hash Honeypots

Deploying Pass-the-Hash Honeypots

So far in this series, we’ve learned about the HoneyHash, a useful honeypot technique for detecting Pass-the-Hash and credential theft within a Windows environment.  We then looked into how to monitor for an attacker triggering the honeypot, and how to gather the necessary forensic details to investigate the attack.  Now let’s look at what you need to do to roll out the honeypot across multiple endpoints in your environment. There are some basic challenges we need to consider.  First, we…

Read More Read More

Implementing Detections for the Honeyhash

Implementing Detections for the Honeyhash

In our first post of this series, we explored the Honeyhash, and how it can be used to create a honeypot to catch attackers performing credential theft and pass-the-hash attacks.  Now that our trap is set, we need to make sure we can catch any attacker in the act who may fall for it. The concept of detection for the Honeyhash is simple.  We put a fake account in memory on a system, so let’s see if anybody tries to…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.