Jeff Petters

Role-Based Access Control (RBAC) is a security paradigm whereby users are granted access to resources based on their role in the company. RBAC, if implemented correctly, can be an effective...

Unstructured data governance can be a chaotic mess. A new employee has access to 17,000,000 files the moment they walk in the door. Unmanaged data access represents a considerable risk...

Employee data theft is a specific insider threat where a malicious insider steals data from the current organization for monetary gain or a competing company’s benefit. The Tesla incident is...

Freedom of Information (FOI) requests are one of the ways that public organizations are held accountable by the media and the members of the community they serve. FOI laws require...

Azure Active Directory (Azure AD) is Microsoft’s enterprise cloud-based identity and access management (IAM) solution. Azure AD is the backbone of the Office 365 system, and it can sync with...

A man-in-the-middle (MitM) attack is a form of cyberattack where important data is intercepted by an attacker using a technique to interject themselves into the communication process. The attacker can...

The Risk Management Framework (RMF) is a set of criteria that dictate how the United States government IT systems must be architected, secured, and monitored. Originally developed by the Department...

Account lockouts are a headache for system administrators, and they happen a lot in Active Directory (AD). Research shows that account lockouts are the biggest single source of calls to...

Imagine you’re the CISO of a 10,000-person organization where users create millions of files and emails each day. Some of that information is highly sensitive—if leaked or stolen, you’re facing...

DNS security should be considered an essential part of any business’s security plan. Name resolution services (translating hostnames into IP addresses) are used by nearly all applications and services on...