What is a Data Repository and What is it Used for?

What is a Data Repository and What is it Used for?

Online businesses are rapidly overtaking the revenue of brick-and-mortar businesses in today’s internet age. The changes brought forth by internet-driven communication are driving businesses to become data-driven organizations.  Organizations that master how to collect and manipulate data to their advantage will triumph over their competitors. The sheer volume of data being collected by businesses today goes beyond what traditional relational databases can handle, giving rise to a series of different data repositories – Relational Databases, Data Warehouses, Data Lakes, Data…

Read More Read More

A Guide to Active Directory Linked Attributes

A Guide to Active Directory Linked Attributes

This blog post is part of a series about Active Directory attributes with values or behaviors that can be easily and inadvertently misinterpreted and misused. This series will provide information about these attributes, including both their limitations and their valid usages with respect to the administration of Active Directory. This post will discuss a special type of Active Directory attribute, the Active Directory linked attribute. Linked attributes generally exist in associated pairs; one of the associated attributes is known as…

Read More Read More

PowerShell Tips and Tricks for Scripting Active Directory Test Environments

PowerShell Tips and Tricks for Scripting Active Directory Test Environments

In my role as a Technical Product Manager, I often find myself prepping demos, setting up test environments, and helping customers test and administrate their Active Directory environments with PowerShell. PowerShell, being the most efficient and ubiquitous method of management at scale in the Windows Server world, is my goto tool anytime I need to work with Active Directory. The vast majority of my Active Directory scripting these days is targeted at test, demo, and QA environments that frequently need…

Read More Read More

What are Zero Standing Privileges (ZSP)?

What are Zero Standing Privileges (ZSP)?

The problem Privileged Access Management (PAM) solutions seek to solve can be simply formulated: How do I appropriately provide and protect privileged access to my information technology assets? Traditional PAM solutions have focused on deploying controls on top of an enterprise’s existing identity practices, whether that’s providing password and session management for shared built-in administrator accounts or a password-of-the-day for personal privileged accounts. These approaches all rely on the same thing – protecting identities that permanently possess privileges on systems,…

Read More Read More

What are Amazon S3 Buckets?

What are Amazon S3 Buckets?

Amazon S3 buckets have been at the heart of over a thousand security breaches over the last 4 years alone. Most recently, thousands of cell phone bills for Sprint, AT&T, Verizon, and T-Mobile customers were exposed through an open S3 bucket due to the oversight of a contractor working for one of the cell giants. So what are Amazon S3 buckets and what can organizations using S3 buckets do to avoid being the next headline? In this blog post, we…

Read More Read More

How to Identify Phishing Scams and Protect Against Them

How to Identify Phishing Scams and Protect Against Them

Phishing scams are a very common technique used by identity thieves to trick you into giving them your sensitive personal or financial information. Thieves will often impersonate actual companies like credit card companies, banks or online resources such as PayPal or Dropbox. It is a challenge to recognize what is real and what isn’t but there are a few things you can do to make yourself/your organization less susceptible to this type of scam. Traditional Approach Before we discuss a…

Read More Read More

Key Requirements of the NY SHIELD Act and How to be Compliant

Key Requirements of the NY SHIELD Act and How to be Compliant

As more and more attacks are occurring each year with a record 4.1 billion records breached in just the first half of 2019, according to Forbes– data security regulation is becoming more of a priority. Just as we suspected with the signing of the GDPR regulation in the EU, similar regulation has sprung up in the U.S with the CCPA on the west coast in California and most recently spreading to the east coast in New York with the signing…

Read More Read More

Using The AIP Scanner to Discover Sensitive Data

Using The AIP Scanner to Discover Sensitive Data

Azure Information Protection is Microsoft’s solution to classify, label, and protect sensitive documents. The AIP scanner runs as a Windows service and can be used to protect on-premise documents within the following data stores: Local Folders where the scanner service is configured Network shares that use the SMB protocol Document Libraries and Folders for SharePoint 2013-SharePoint 2019 By default, the AIP scanner client uses Windows IFilters to identify sensitive content within documents and supports the following file types: Application type…

Read More Read More

Protip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for SQL

Protip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for SQL

Now that you have been using StealthAUDIT for SQL for a while, you might be wondering how to squeeze more value out of the product by enhancing the information it is collecting and reporting on.  StealthAUDIT for SQL relies on native SQL server auditing capabilities to collect and report on user activity, as well as successful or unsuccessful server or database logon activity.  As a result, you will need to adjust some additional configuration options within SQL to ensure you…

Read More Read More

Redefining How Privileged Access is Granted – STEALTHbits Privileged Activity Manager 1.3

Redefining How Privileged Access is Granted – STEALTHbits Privileged Activity Manager 1.3

Privileged access will always appeal to cyber attackers because of the access rights associated with these accounts. Despite significant investments in Privileged Access Management (PAM) technologies, privileged accounts are still massively overexposed. Traditional PAM providers have focused on controlling access to accounts and their passwords, not on the activities that need to be performed. Go Vault-less Many PAM vendors and their deployments require a password vault, choosing to focus on controlling access to privileged accounts via rotating and vaulting passwords….

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.