Amazon S3 buckets have been at the heart of over a thousand security breaches over the last 4 years alone. Most recently, thousands of cell phone bills for Sprint, AT&T, Verizon, and T-Mobile customers were exposed through an open S3 bucket due to the oversight of a contractor working for one of the cell giants. So what are Amazon S3 buckets and what can organizations using S3 buckets do to avoid being the next headline? In this blog post, we…
Azure Information Protection (AIP) is Microsoft’s solution to classify, label, and protect sensitive documents. The AIP scanner runs as a Windows service and can be used to protect on-premise documents within the following data stores: Local Folders where the scanner service is configured Network shares that use the SMB protocol Document Libraries and Folders for SharePoint 2013-SharePoint 2019 By default, the AIP scanner client uses Windows IFilters to identify sensitive content within documents and supports the following file types: Application…
In my last blog post, we took a look at the Vulnerability Assessment within the Advanced Data Security (ADS) offering for Azure SQL. In my final blog post of the series, we will take a deep dive into the Advanced Threat Protection features. VIEW PART 1 HERE VIEW PART 2 HERE Advanced Threat Protection for Azure SQL Databases provides administrators with immediate visibility into potential threats such as suspicious database activities, potential vulnerabilities, SQL injection attacks, as well as anomalous…
In my last blog post, we took a look at the Data Discovery & Classification features within the Advanced Data Security (ADS) offering for Azure SQL. In this blog post, we will take a deep dive into the Vulnerability assessment. The SQL Vulnerability assessment provides administrators with a streamlined approach to identify and even remediate potential security misconfigurations or vulnerabilities within their Azure SQL databases. The Vulnerability Assessment is a scanning service that contains a set of built-in rules based…
Azure SQL provides DBA’s with an easy and efficient means of standing up relational database services for their cloud and enterprise applications. As with any database platform, security remains a top concern and has not been overlooked by Microsoft with the variety of security features available in Azure SQL, including those offered through the Advanced Data Security package. The Advanced Data Security package for Azure SQL provides administrators with a single go-to location for discovering and classifying data, assessing and…
At STEALTHbits, we often describe Active Directory as holding ‘the keys to the kingdom’. It stores the users and groups that grant access to an organization’s most sensitive information and should be protected for this very reason. From an access management perspective, most administrators will stand behind the best practice of assigning access to groups instead of users. This is because it not only makes administration and management of this access more efficient for them but also has real benefits…
Open Access or unrestricted file share access is an inevitable condition that exists in most, if not all, enterprise environments. Many organizations create ‘Open Shares’ to allow end-users an easy way to access resources. What is an Open Share? These shares are open in the sense that access to them is unrestricted at both the Share and NTFS levels, meaning most end users can access them. This is achieved by the use of ‘Open Access Groups’ such as the built-in…
The EU GDPR took the world by storm, upping the compliance ‘ante’, causing other countries to follow suit in protecting consumer privacy. While the United States hasn’t implemented any federal regulation of this sort, many states have begun to implement their own regulations at the state level. For California, the clock has already begun ticking with the California Consumer Privacy Act (CCPA), a GDPR like regulation with a compliance timeline of January 1st, 2020. The CCPA introduces sweeping legislation providing…
The New York Department of Financial Services released the NYDFS Cybersecurity Regulation (23 NYCRR 500) in 2017, a set of regulations that place cybersecurity requirements on all DFS regulated entities. This regulation was put into effect at a time where cybersecurity threats are growing, with players coming from nation-states such as Russia, to independent criminal actors, or even terrorist organizations. The goal of this regulation is to not only protect customer information but to also protect a company’s own assets. …
Note: This is the 4th and final blog of our File System security series. Check out the first three: 1) NetApp File Activity Monitoring, 2) Windows File Activity Monitoring, 3) Challenges with Native File System Access Auditing. Sign up now for my live webinar “Challenges with Relying on Native File System Logging“. Register now. In the final post of this 4 part blog series, we will take a closer look at file access auditing on an EMC Isilon file system leveraging…
