Browsed by
Author: Farrah Vijayan

Farrah Vijayan is a Director of Technical Product Management at STEALTHbits Technologies. She is responsible for building and delivering on the roadmap of STEALTHbits products and solutions. Since joining STEALTHbits in 2012, Farrah has held multiple technical roles, including Scrum Master and Quality Assurance Manager. Farrah holds a Bachelor of Science degree in Industrial Engineering from Rutgers University
Advanced Data Security Features for Azure SQL- Part 2: Vulnerability Assessment

Advanced Data Security Features for Azure SQL- Part 2: Vulnerability Assessment

In my last blog post, we took a look at the Data Discovery & Classification features within the Advanced Data Security (ADS) offering for Azure SQL. In this blog post, we will take a deep dive into the Vulnerability assessment. The SQL Vulnerability assessment provides administrators with a streamlined approach to identify and even remediate potential security misconfigurations or vulnerabilities within their Azure SQL databases. The Vulnerability Assessment is a scanning service that contains a set of built-in rules based…

Read More Read More

Advanced Data Security Features for Azure SQL- Part 1: Data Discovery & Classification

Advanced Data Security Features for Azure SQL- Part 1: Data Discovery & Classification

Azure SQL provides DBA’s with an easy and efficient means of standing up relational database services for their cloud and enterprise applications. As with any database platform, security remains a top concern and has not been overlooked by Microsoft with the variety of security features available in Azure SQL, including those offered through the Advanced Data Security package. The Advanced Data Security package for Azure SQL provides administrators with a single go-to location for discovering and classifying data, assessing and…

Read More Read More

Least Privilege Access – A Pragmatic Approach Using Resource-Based Groups

Least Privilege Access – A Pragmatic Approach Using Resource-Based Groups

At STEALTHbits, we often describe Active Directory as holding ‘the keys to the kingdom’. It stores the users and groups that grant access to an organization’s most sensitive information and should be protected for this very reason.  From an access management perspective, most administrators will stand behind the best practice of assigning access to groups instead of users. This is because it not only makes administration and management of this access more efficient for them but also has real benefits…

Read More Read More

The Open Share Epidemic

The Open Share Epidemic

Open Access or unrestricted file share access is an inevitable condition that exists in most, if not all, enterprise environments. Many organizations create ‘Open Shares’ to allow end users an easy way to access resources. What is an Open Share? These shares are open in the sense that access to them is unrestricted at both the Share and NTFS levels, meaning most end users can access them. This is achieved by the use of ‘Open Access Groups’ such as the…

Read More Read More

What is the California Consumer Privacy Act?

What is the California Consumer Privacy Act?

The EU GDPR took the world by storm, upping the compliance ‘ante’, causing other countries to follow suit in protecting consumer privacy. While the United States hasn’t implemented any federal regulation of this sort, many states have begun to implement their own regulations at the state level. For California, the clock has already begun ticking with the California Consumer Privacy Act, a GDPR like regulation with a compliance timeline of January 1st, 2020.   The CCPA introduces sweeping legislation providing consumers…

Read More Read More

What is the NYDFS Cybersecurity Regulation?

What is the NYDFS Cybersecurity Regulation?

The New York Department of Financial Services released the NYDFS Cybersecurity Regulation (23 NYCRR 500) in 2017, a set of regulations which place cybersecurity requirements on all DFS regulated entities. This regulation was put into effect at a time where cybersecurity threats are growing, with players coming from nation states such as Russia, to independent criminal actors, or even terrorist organizations. The goal of this regulation is to not only protect customer information but to also protect a company’s own…

Read More Read More

EMC File Activity Monitoring

EMC File Activity Monitoring

Note: This is the 4th and final blog of our File System security series. Check out the first three: 1) NetApp File Activity Monitoring, 2) Windows File Activity Monitoring, 3) Challenges with Native File System Access Auditing. Sign up now for my live webinar “Challenges with Relying on Native File System Logging“. Register now. In the final post of this 4 part blog series, we will take a closer look at file access auditing on an EMC Isilon file system leveraging…

Read More Read More

NetApp File Activity Monitoring

NetApp File Activity Monitoring

Note: This blog is the third in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. In our last post, we walked through configuring file access auditing on a Windows File server and explored some of the common challenges with data interpretation. In this post, we will take a similar look at file access auditing on…

Read More Read More

Windows File Activity Monitoring

Windows File Activity Monitoring

Note: This blog is the second in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. In our first post of the series, we discussed some of the challenges with native file system access auditing techniques, from the configuration all the way to one’s ability to easily understand the resultant data. In this post, we will…

Read More Read More

Challenges with Native File System Access Auditing

Challenges with Native File System Access Auditing

Note: This blog is the first in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. An organization’s ability to efficiently and effectively capture file level access is paramount in order to not only proactively prevent data breaches or attacks, but to respond in the event your data has already been compromised. Often times, we…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.