Browsed by
Category: Data Access Governance

Database Security Best Practices – Simple & Worthwhile Concepts – Part I

Database Security Best Practices – Simple & Worthwhile Concepts – Part I

Database security is a hot topic these days, especially with all the new and seemingly never-ending security compliance requirements being imposed such as GDPR. This means that organizations and their DBAs must step up their game when it comes to database security. Some DBAs may think these new requirements apply only to production but depending on the situation DBAs may well need to apply stricter security across the board – including development and all test databases (e.g. unit testing, stress…

Read More Read More

How to Implement STEALTHbits Access Library Connectors

How to Implement STEALTHbits Access Library Connectors

With the advent of the STEALTHbits Access Library, today we are going to have a quick Protip in the form of how to best implement these connectors and what the little “gotchas” might actually be. Obtaining Access Library Connectors First, let’s talk about getting the modules downloaded correctly. On the STEALTHbits homepage, there is a “LOGIN” option in the upper-right of the screen: Make sure to login with the credentials provided to you by STEALTHbits! If you don’t have any…

Read More Read More

New! STEALTHbits Access Library – Flexible Access Auditing Across Any Platform

New! STEALTHbits Access Library – Flexible Access Auditing Across Any Platform

Historically most organizations would attempt to standardize on one platform internally for unstructured data and another for structured data. This meant separating off the unstructured data to a singular admin (or team), and the structured off to a different admin (or team) and the business remained divided in that manner. These could take many forms – SharePoint, File Servers, SQL Server, Oracle, OpenText, etc., yet the concept remained the same across all those platforms. With one for each type of…

Read More Read More

Securing Structured Data

Securing Structured Data

Editor’s Note: Read this related blog:“The Structured Future of Data Access Governance“. There are generally two kinds of data: structured and unstructured. An oversimplification shown in Figure 1 below is essentially correct. When we say, “structured data”, we usually mean traditional data that possess organized layouts with somewhat predictable growth characteristics. In fact, for relational databases, we would further assume that means spreadsheet-like tables having rows and columns (a.k.a. relations, tuples, and attributes). So, for now, let’s just focus on…

Read More Read More

The Structured Future of Data Access Governance

The Structured Future of Data Access Governance

When Data Access Governance (DAG) was first conceived, the logical place to implement such access control was on unstructured data such as shared file systems, collaborative platforms (e.g. SharePoint), and email systems. These massive unstructured data repositories seemingly contained the bulk of the corporate data, often quoted as representing well over 80% of all corporate data. Moreover, these data repositories appeared to be growing exponentially and therefore were the logical choice as the initial place for such extra controls. And…

Read More Read More

What is the Right to be Forgotten?

What is the Right to be Forgotten?

The Right to be Forgotten is defined as “the right to silence on past events in life that are no longer occurring.” The right to be forgotten leads to allowing individuals to have information, videos, or photographs about themselves deleted from certain internet records so that they cannot be found by search engines. As so many different compliance regulations roll out across the world, it’s important to understand the requirements from an organizational perspective as well as differences between regulations…

Read More Read More

Challenges with Native File System Access Auditing

Challenges with Native File System Access Auditing

Note: This blog is the first in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. An organization’s ability to efficiently and effectively capture file level access is paramount in order to not only proactively prevent data breaches or attacks, but to respond in the event your data has already been compromised. Often times, we…

Read More Read More

Part 5: Do Too Many Users Have Privileged Access Rights?

Part 5: Do Too Many Users Have Privileged Access Rights?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Do Too Many Users Have Privileged Access Rights? Do your users have privileged access rights they don’t need? According to a recent Ponemon report on the State of Data Access Governance, plenty of organizations are granting privileged access rights for “no apparent reason”. Others are even granting privileged access to every user at a certain job level, even if it is not required to do their…

Read More Read More

Part 4: Are You Securing Active Directory?

Part 4: Are You Securing Active Directory?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are You Securing Active Directory? As an IT professional, you’ve likely made a number of different investments to protect the data within your organization. In order to help with the provisioning of user access rights, you may have invested in an Identity and Access Management (IAM) solution. You’ve likely adopted a SIEM and Data Loss Prevention (DLP) platform as well. And you should!  These technologies provide…

Read More Read More

Part 3: Are Users Putting Your Sensitive Data at Risk?

Part 3: Are Users Putting Your Sensitive Data at Risk?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are Users Putting Your Sensitive Data at Risk? Previously in this blog series, we talked about understanding your organization’s data footprint. We also discussed methodologies for identifying where sensitive data exists. At this point, you’re probably realizing how much data lives across your organization and wondering… who is accessing all this information? The concern now isn’t solely about the data itself, but rather that users within…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.