Who. When. What

Who. When. What

In the original Wall Street movie (1987), an ambitious Bud Fox (Charlie Sheen) literally buys an office building cleaning company so he can gain access to sensitive, nonpublic information on which he can profit from illegal stock trades. He dons a cleaning company supervisor uniform, brings a small camera and hand-held portable copier, and begins surreptitiously searching through file cabinets for financial information, merger and acquisition legal documents, and other data that will give him a leg up in the market.

Wow. That’s a lot more trouble than stealing credentials in a spear phishing attack and extracting sensitive data from the comfort of a kitchen table with a $400 laptop, a good Internet connection, and a six-pack of beer. Indeed, those were the good old days of information security. Lock the doors and filing cabinets and be done with it. There’s no question times – and security – were simpler, but today’s data security professionals do have one advantage over their paper-based predecessors: electronic access and activity footprints.

Although it took some effort and planning, no one had any idea Bud Fox had stolen that information. Unless someone witnessed the theft, there was no record of his nefarious activity. Similarly, a disgruntled employee with a key to the filing cabinet and access to the copy machine could remove limitless data with comparable impunity unless they were caught red-handed. In contrast, although today’s threat landscape is vastly more complex, and the bad guys have myriad tools to accomplish their objectives, information security professionals at least now have mechanisms to know that sensitive data has been accessed. We know who accessed it, when, and if they modified, moved, or deleted it.

And that’s a very good thing, especially as the size, types, and uses of unstructured data proliferates. For example, in just the past 12 months or so, a wholly new form of sensitive unstructured data has been introduced and is likely to explode in size and importance (read: sensitivity) in the coming months and years: police body cam video. Most observers, including police, support the widespread deployment of police body cameras, but their use generates terabytes of unstructured data (videos) that must be stored – and protected. Further, much like crime scene evidence, a chain-of-custody has to be established and auditable for body cam videos. Thus, after the video has been stored on a file share, access to it must be tracked and recorded: who accessed it, when, and what did they do with it?

That’s just one example in a sea of sensitive unstructured data: law enforcement statements, depositions (written or recorded), financial statements, earnings press releases, employee performance reviews, product designs, chemical formulae, business strategies, an investigative reporter’s notes…the list is endless. And it all needs to be secured, and access to it tracked.

Who. What. When. Today, we can track all that. Learn more here: https://go.stealthbits.com/isilon-file-activity-monitoring

In today’s data security world, Bud Fox’s costume and copier wouldn’t have been nearly enough.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.