Extended Data Classification Support for Nasuni, Dropbox, and Exchange Online in StealthAUDIT v8.2

Extended Data Classification Support for Nasuni, Dropbox, and Exchange Online in StealthAUDIT v8.2

Of the many enhancements we packed into this upcoming release of StealthAUDIT (version 8.2), extending our Sensitive Data Discovery capabilities and platform support for performing Data Classification remained high on our list of priorities. Coupled with 51 new GDPR-specific pattern definitions spanning all 28 EU countries and others as well (oh, and we don’t charge separately for those), StealthAUDIT v8.2 now enables organizations to discover and classify over 400 different file types stored in Nasuni UniFS Hybrid NAS, NFS-formatted file…

Read More Read More

Collect and Analyze Relevant Data Points to Assess Risk

Collect and Analyze Relevant Data Points to Assess Risk

The goal of the Collect and Analyze phase is to assess relevant data points to answer critical questions like what’s the sensitivity of the data, who has access to it, who owns it, and what’s the age of that data.  When you begin to understand the answers to these questions, you can then begin prioritizing the resources that are at most risk and limiting access to them as you work towards achieving a Least Privilege Access model.

GDPR–A Crash Course

GDPR–A Crash Course

If you find yourself among the minority that is “ready” I congratulate you, as data privacy will no longer stand still for any of us. And those who find themselves among the majority that is not ready, this is a good time to practice the principle of priority.

Where Real Organizations Are with EU GDPR 10 Days from Launch

Where Real Organizations Are with EU GDPR 10 Days from Launch

I’m writing this sitting in Germany, having spent one week meeting with customers from the UK, Switzerland, and other places and about to spend another at the Kuppinger Cole EIC Conference. The conference agenda is loaded up with EU GDPR topics, and there will be more to say about that in another post. It was very interesting last week to hear from customers, prospects, and partners where their GDPR efforts are right now. With the May 25th date looming, it would be easy to expect…

Read More Read More

A Tale of One City – Data Privacy Day

A Tale of One City – Data Privacy Day

Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well, privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra of everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy-focused regulations and they both…

Read More Read More

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Awareness is the first and most essential ingredient in any successful risk mitigation strategy.  StealthAUDIT v8.1 has been enhanced to extend your awareness into high risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target Weak Password Identification – Identify Active Directory user accounts leveraging passwords contained in publically available dictionaries and organizationally-defined…

Read More Read More

Data Mapping in the age of GDPR – Unknown Application Workflows

Data Mapping in the age of GDPR – Unknown Application Workflows

When the enemy is already inside Security breaches is a fact of life. Employees click on links in phishing emails, web applications get compromised, weak passwords get guessed, and insiders misuse their privileges. As a matter of fact, internal actors play a role in every 4th breach according to the latest 2017 Data Breach Investigations Report from Verizon (http://www.verizonenterprise.com/verizon-insights-lab/dbir/). Once the enemy is within the external defenses it is critical to protect the internal data and the business operations. Not…

Read More Read More

Prevent Data Theft with File Activity Monitoring

Prevent Data Theft with File Activity Monitoring

Preventing Data Theft with File Activity Monitoring If you ask most folks who pay attention to cybersecurity what the recent big-name breaches and headline-grabbing malware have in common, you would get many answers. Some would say they were next-generation ransomware like NotPetya or WannaCry. Others would say that the HBO and Sony breaches started with a phishing email and ballooned from there. Even more would say that next-generation firewalls should have helped but didn’t. While these are all true, they…

Read More Read More

Lucky 13: WannaCry Ransomware and EU GDPR

Lucky 13: WannaCry Ransomware and EU GDPR

WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in this post though. If you’re interested in my technical breakdown, you can read my previous post. Today, I want to double-click past the malware and…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.