Authentication Against Active Directory – September 16, 2013 @ 7:58 pm
What you don’t know can most definitely hurt you – September 13, 2013 @ 5:53 pm
It’s always something. You might run a careful, security conscious shop. Your IT group might be completely onboard, keeping their patches current and using best practices for provisioning accounts and supporting mobile devices.
Using Securonix for Directory-Based Service Account Monitoring – August 23, 2013 @ 8:00 pm
I was recently working with one of our customers, a very large health care services and administration company, to implement the Securonix solution to solve a different kind of enterprise network security problem. Both the information security team and the network administration people were struggling with managing and monitoring accounts with High Privilege Access, particularly Service Accounts.
Security Intelligence – But What Does It DO? – August 22, 2013 @ 10:20 pm
It seems like everybody’s talking about security intelligence these days. Of course, what people mean when they use the term can vary widely depending upon what they’re selling, but the primary purpose remains the same. Some kind of machine intelligence that can detect successful cyber attacks, information theft, fraud and breaches as they happen.
Applying Advanced Fraud Detection Technology to “Old School” Fraud attempts? – July 19, 2013 @ 5:57 pm
As consumers adopt new technologies to do “routine” tasks, and as companies roll out new ways to interact with business services centered on the web and mobile devices, provisions have to be made to support those customers who for whatever reason do not have access to the necessary tools and gadgets.
“The Snowden Case”, Lies and Marketing Communications on Insiders – July 12, 2013 @ 4:46 pm
One of the more interesting outgrowths of the recent revelations around NSA cyber-surveillance practices is the sudden declaration from all manner of information security vendors that their product or service could have “prevented Snowden”.
Voluntary Self-Hackery — The Blunt Truth about BYOD – July 1, 2013 @ 2:41 pm
Information Security – Always Behind the Technology Curve – June 28, 2013 @ 10:21 pm
In today’s hyper competitive business environment, it is no longer sufficient to compete on price and quality alone. Just as InfoSec workers can be thought of as being in a war with those that would use unauthorized or fraudulent access to data and systems to enrich themselves or their employers, the larger organization is in a similar conflict with its competitors for market share and revenues.
Removable Storage and the Temporal Value of Data – June 20, 2013 @ 9:12 pm
There are a lot of ways for determined insiders to exfiltrate appropriated documents and data but by far the preferred method is good old tried and true removable media. Edward Snowden was a SysAdmin, so in spite of a general policy against USB flash drives, he was completely comfortable making use of one to capture classified and restricted data and walk out the door with it.