Thursday, August 20, 2009

Restoring Deleted Permissions with Varonis

This afternoon a hedge fund client called with a high profile problem. One of the system admins from their outsourcer had deleted all of the Active Directory permissions of the General Counsel. Not a great person to prevent from accessing the system. Since they are a Varonis DatAdvantage user, I was able to help them solve this problem.

We ran a query from the log area and selected "History of differences" as the data source. The keys were to set the "File Server" to "IDU" and set the "Change Description" to start with his fully defined domain account. Then we got a list of all of the groups that he belogned to and my client was able to restore them all and get the General Counsel up and running ASAP.

DatAdvantage to the rescue.

Wednesday, August 19, 2009

Kudos to the Department of Justice for the indictment of Albert Gonzalez and two of his coconspirators. With all of the high profile data breaches occurring we need to take a deeper look at what is going on here. While TJX and Heartland may have been PCI compliant, they were still breached. The issue with most security approaches is that they focus primarily on “preventative” controls. There are not enough “detective” controls in place to make sure that if one of the preventative controls fails, there is someone or something there to notice. No defense is impenetrable and that is why we practice “defense in depth.”

In the case of Heartland Payments Systems, it is alleged that the hackers were siphoning off data for months and it wasn’t until Visa and MasterCard noticed the fraud, that Heartland found the breach. Some questions that companies should be asking themselves include:

  • Do you have in place a process to review audit logs from your firewalls and core routers on a regular basis?
  • Do you have a process in place to monitor the activities of privileged users and system accounts?
  • Do you have a formal entitlement review to verify that security is granted in a “least privilege” model?
  • Do you audit database and file system activity?
  • If any user was accessing an unusual amount of data, would anyone notice?

I would appreciate hearing your thoughts on these questions.

Tuesday, August 11, 2009

AIIM SharePoint Event - September 17, 2009

On September 17 , 2009 the AIIM International Garden State Chapter is hosting a Panel Discussion and Networking Event and I will be one of the panelists. Here is some info in case you are interested in attending.

Register Here!
Panel Topic: MS SharePoint – where is it headed?

· How is MS SharePoint different from traditional ECM products
· How well does MS SharePoint integrate with other ECM products
· What are the top ECM products being integrated with MS SharePoint
· How are companies leveraging MS SharePoint
· What are the "hot skills" in demand around the MS SharePoint

Panel Members:

· Allan Schweighardt, Senior Technology Strategist, Microsoft
· Joe Giegerich, President / Managing Partner, Gig Werks
· Kenneth Shea, Former Executive Director of Enabling Technology, KPMG
· Arthur Hedge III, President, Castle Ventures


· Network, Network, Network!!
· Meet and talk with individuals from the industry
· Meet some top New Jersey's recruiters in the MS SharePoint space

Meeting Agenda

5:30 - 6:30 pm - Registration & hors d'oeuvres Networking opportunities
6:30 - 7:30 pm - Panel Discussion
7:30 - 8:30 pm - Dessert: Networking opportunities


The Woodbridge Hilton
120 Wood Avenue South
Iselin, NJ 08830
Tel: 732-494-6200


AIIM Members $30
Non-Members $35
On-Site + $10

*$10 discount for early registration (September 10th deadline)

Register Here!

Hope to see you there.

Friday, August 7, 2009

YouTube Hacked?

Yesterday, Twitter and Facebook were attacked. Is YouTube being hacked today? There is a video about a healthcare protest that is not having its view counter updated. People have been commenting that the counter has been stuck at 1,338 views for a while. Has someone hacked into YouTube or is it just a bug?

Here is a link to the video.

Wednesday, August 5, 2009

Hacker Steals Domain Name

The New Jersey State Police arrested a man who allegedly stole the domain name. SC Magazine provides the details in this article "Hacker charged with domain name theft." What is troubling is that domain owners do not adequately protect their domain names. We have an offering that will analyze your risks for only $249. Please visit our website to learn more.

Please protect your Domain information.

Tuesday, August 4, 2009

SQL Server 2005 on Windows Server 2008

If you want to install SQL Server 2005 with Reporting Services on Windows Server 2008 you have to jump through a few hoops. Reporting Services is dependent on IIS 6 and SQL Server 2008 runs IIS 7. However, there is the capability to emulate II6, which is critical to making this work.

There is a great blog post on this issue at iGregor, where he walks you through the exact configuration options to make this work.

Hope this helps all those who see that grayed out Reporting Services box in SQL Server 2005 install and are shaking their heads.

Monday, August 3, 2009

I am planning to attend the August 5th New York SharePoint User Group meeting. It always well attended with somewhere between 50 and 150 people depending upon the evening. The meetings are the first Wednesday of the month at the Microsoft office in New York City.

Click here to register.

Hope to see you there