All posts by Sarah Hospelhorn

Browsing Anonymously: Is It Really Anonymous?

Privacy is top of mind for many people these days. Unclear privacy policies, rampant data collection and high-profile data breaches can lead us to second guess our information’s safety — even when it’s guarded by respected institutions. In fact, Americans reportedly trust credit card companies more than the federal government to protect their personal information. To combat this uncertainty, security experts commonly recommend using virtual private networks (VPNs) and secure browsers to keep your browsing history and personal information off the grid. The reality, however, is that these solutions can’t completely keep your activity private and safe.

Take a look below for a quick guide that explains what is seen and what stays hidden when you’re using different privacy tools.

Private browsing, for example, deletes your browsing history and other details from your computer, but does not delete information collected and stored on anything outside of your computer. This means that your employer can see what you were doing at work even if you were in private browsing mode.

So, what exactly can we keep private? In reality, not much. We took a look at these different solutions to see just how private your information is and what you can do proactively to keep your information secure.

Private Browsing

Most popular browsers like Chrome and Firefox have a form of Incognito or private browsing that most people believe is a form of anonymous browsing. This is partially true since these sessions delete things like browsing history and cookies at the end of your session. However, this information is only deleted from your computer and not any other place it may exist.

Private Browsing Benefits and Uses

Private browsing is a great option when you’re trying to hide your activity from others who use that computer. For example, private browsing is a big help when you’re searching for a retirement present for your boss and he suddenly needs to search for something on your computer. Since your history was deleted, he won’t see any targeted ads for golf clubs in your (nonexistent) search history. Private browsing is also great for logging into accounts on someone else’s computer without logging them out of their accounts.

Private Browsing Drawbacks

A significant drawback of private browsing is that data is only deleted from your computer. Private browsers cannot delete records saved on anything outside of your computer, including your ISP, a website’s server and any connected networks you used to access the site. Private browsing also does not protect you from malware or any other threats on the internet.

Virtual Private Network (VPN)

VPNs create an encrypted connection, or “tunnel,” from your device to the VPN server, which then forwards your traffic to the internet on your behalf. Because the sites you visit see the VPN server’s IP address rather than yours, this provides a degree of anonymity. VPNs and proxy servers share some features, such as hiding your IP address, but there are vital differences. One major distinction is that a VPN encrypts all traffic leaving your device, whereas a proxy typically handles only the application traffic configured to use it (usually your browser) and, unless your connection to the proxy itself is encrypted, protects nothing on the wire.

VPN Benefits and Uses

VPNs are great tools to elevate your security and offer benefits where proxies and other solutions fall short. They’re useful when traveling or working remotely, since the encrypted tunnel lets you use public WiFi without exposing your traffic to others on the same network. VPNs also let you reach a work or home network remotely, over the internet, as if you were connected to it directly.

VPN Drawbacks

VPNs are prone to drops in speed and performance depending on your distance from the VPN server, how heavily loaded that server is and the encryption overhead on your own device. They’re also generally more expensive to use and maintain than other solutions on this list.

Something to keep in mind is that VPNs are neither impenetrable nor created equal. Depending on the VPN service you’re using, it may keep logs of your activity for varying periods of time, and those logs can be subpoenaed and turned over if requested. Connection speed and encryption strength also depend on your provider. Determined attackers and country-specific regulations can both undermine a VPN’s effectiveness.

Although a VPN is a powerful tool that aids your privacy and safety, it is one strong layer of protection that impedes malicious users and bots, not a guarantee of anonymity.

Proxy Server

Proxy servers act as a gateway between you and the internet. To do this, your information and requests are first sent to the proxy server. Then, the proxy makes the web request on your behalf, collects the response and forwards you the web page data.

Proxy Server Benefits and Uses

These servers offer a handful of security and management benefits. Depending on the type of proxy server, you can hide or change your IP address, making it harder to track your activity. Some proxies accept your connection over an encrypted channel, which keeps your requests from being read on the local network (though it does nothing to anonymize you to the sites you visit). Proxy servers also allow you to control internet usage on your network. For example, a proxy server can block access to social media sites to stop employees from checking their accounts. You can also block compromised or malicious sites to avoid potential threats.

Proxy Server Drawbacks

There are many different types of proxy servers that offer different levels of security, anonymity and encryption. Make sure to check what type of proxy server you’re using, what exactly it does and what information it logs. Transparent proxies, for example, block sites but do not hide your IP address. Use free proxy servers with caution, since these are more prone to performance and security issues. For instance, some proxy servers log your original IP address and web requests without encrypting the information.

Secure Browsers

Secure browsers route web traffic through an anonymizing network rather than straight to the site. Different browsers use different methods. Tor Browser, for instance, uses onion routing: traffic is encrypted in layers and bounced through an entry (guard) node, a random middle relay and an exit node, so no single relay sees both who you are and which site you’re visiting.

Secure Browsers Benefits and Uses

The most overt benefit of using a secure browser is heightened anonymity and security. Routing your traffic through several relays makes it extremely difficult for someone to connect your activity to an identity. Take a look at how exactly each browser does this to find the one that best fits your needs.

Secure Browsers Drawbacks

Because of the anonymity they provide, some countries and web services block these browsers outright. That same anonymity makes it possible for journalists to report on corruption and for people to organize without the watchful eye of a government or regime. Secure browsers are also generally slower than mainstream browsers, because they bounce traffic through computers across the world to make it difficult to find your original location and IP address.

Private Search Engine

Private search engines are alternatives to Google and Bing that do not track or store information about you. Each search engine has its own set of tools and benefits to make searching more secure.

Private Search Engine Benefits and Uses

These services are great for researching information without falling into a “filter bubble” and letting your past search history skew your results. They’re also ideal for stopping advertisers and others from tracking your search history. Some features that vary from search engine to search engine include encrypted (HTTPS) connections for searches and semantic search that uses artificial intelligence and machine learning.

Private Search Engine Drawbacks

A minor disadvantage to private search engines is that your desired results might not pop up in the first search. Since these search engines deliver non-localized results, it can stir up slight frustration when you’re trying to search for a paper supplier close to your company’s headquarters. A lack of functionalities like image search and news search can also impede your search efficiency and require a few more clicks to get you to your answer.

Another thing to note is that these search engines may still leave history in your browser and computer. Even though they are not tracking or storing information on their own servers, some search engines still leave a trail of search history in your browser.

Every tool has its own set of strengths and weaknesses when it comes to security. The key is learning what these strengths and weaknesses are and how they apply to your web browsing. One way to overcome some weaknesses is by combining tools (like using a secure browser on a VPN). Follow these steps below to get started on protecting your information.

  • Read all of the privacy policies you’ve agreed to from beginning to end and opt-out when necessary.
  • Change your privacy settings for each browser you use and account you have on the internet.
  • Implement whichever of the above technology solutions are relevant to you.

The most important takeaway is that it’s nearly impossible to be completely anonymous online. The best that we can do is take a proactive approach to cybersecurity. Implementing these tips and using the best cybersecurity solutions can equip you with the right tools to keep your information highly secure. To take your learning one step further, check out our internet security basics course to take your security to the next level.

Exchange Vulnerability: How to Detect Domain Admin Privilege Escalation

Researchers recently uncovered a vulnerability in Exchange that allows any domain user with a mailbox to obtain Domain Admin-equivalent privileges, which in turn lets them compromise Active Directory and every host that trusts it.

Here’s how the attack works:

  • Attacker uses a compromised mail-enabled domain user to subscribe to the Exchange push notification feature, pointing the notification URL at a host they control
  • Attacker runs an NTLM relay on that host. When the push notification fires, the Exchange server authenticates to the attacker’s host using NTLM over HTTP, and the relay forwards that authentication to the domain controller over LDAP, so the DC sees a session authenticated as the Exchange server’s own account
  • Attacker then uses the Exchange account’s permissions to change permissions on the domain object*

The attacker can then run a DCSync to get the password hashes of all domain users, which enables them to execute different types of attacks, from golden ticket attacks to pass the hash.

Our research team has investigated and built a guide for our customers to detect this type of attack – and to see if they’ve been compromised already.

Here’s what you need to know.

*This last step could also be by a rogue admin, who has legitimate access to make that permission change: by creating a rule to detect on that activity, you’ll be covered either way.

How to Detect Domain Privilege Escalation

In DatAlert, create a custom rule to monitor specific permission changes on an object – this will trigger when a Directory Services object permission is added on the domain object.

  1. Set the rule name
  2. Set the alert category to “Privilege Escalation”
  3. Set resource type to “all values selected”
  4. Define the affected object: File Server = DirectoryServices, and choose the Domain object
  5. Create a filter for “DS object permission added”

Running the Report: How to Detect Permission Change on the Domain Object

Permission changes on the domain object shouldn’t be common; anything that triggers this alert should be investigated. Keep in mind, this rule is only a checkbox away from alerting on any DS permission change (don’t forget to leave “search in child objects” unchecked!), so generate a report to validate the alert before you deploy it.

You’ll be able to see in this report if you’ve already been compromised by this attack as well.

Once the rule is deployed, you can investigate this type of privilege escalation through the web UI: monitor for these permission changes, investigate Directory Services object events, and verify whether or not you’ve been affected by this vulnerability.
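As an added example, not code from the original post or from DatAlert, the PowerShell below performs the same two checks outside the product. It assumes the RSAT ActiveDirectory module on a domain-joined host and, for the event query, that “Audit Directory Service Changes” is enabled with a SACL on the domain object so that Security event 5136 is generated. The first function audits the domain object’s DACL for the replication rights DCSync needs and for the WriteDacl/WriteOwner rights that let someone grant them; the second pulls recent 5136 events that modified the domain object’s security descriptor. The $ExpectedPrincipals allow-list is an assumption to tune for your forest.

```powershell
# Added example (not from the original post or DatAlert). Point-in-time ACL
# audit plus event-log review for the domain-object permission change that
# this attack depends on. Assumes: RSAT ActiveDirectory module; for
# Get-DomainObjectAclChanges, "Audit Directory Service Changes" enabled and a
# SACL on the domain object so that event 5136 is written.
Import-Module ActiveDirectory

# Extended-right GUIDs for the replication permissions DCSync requires.
$ReplicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes-All'
    '89e95b76-444d-4c62-991a-0facbeda640c' = 'DS-Replication-Get-Changes-In-Filtered-Set'
}

# Assumption: principals you expect to hold replication or DACL-modification
# rights on the domain object. Tune this list for your forest.
$ExpectedPrincipals = @(
    'NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS',
    'NT AUTHORITY\SYSTEM',
    'BUILTIN\Administrators'
)

function Get-SuspiciousDomainAces {
    param([string[]]$Allow = $ExpectedPrincipals)
    $domainDn = (Get-ADDomain).DistinguishedName
    $acl = Get-Acl -Path "AD:\$domainDn"
    $rights = [System.DirectoryServices.ActiveDirectoryRights]
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $guid = $ace.ObjectType.ToString().ToLower()
        $isReplication = $ReplicationRights.ContainsKey($guid)
        # WriteDacl or WriteOwner on the domain object is what lets the Exchange
        # account (or an attacker relaying it) grant itself the rights above.
        # On an Exchange deployment without the Microsoft update applied, the
        # "Exchange Windows Permissions" group shows up here with WriteDacl.
        $isDaclWrite = $ace.ActiveDirectoryRights.HasFlag($rights::WriteDacl) -or
                       $ace.ActiveDirectoryRights.HasFlag($rights::WriteOwner)
        if (-not ($isReplication -or $isDaclWrite)) { continue }
        $who = $ace.IdentityReference.Value
        if ($Allow -contains $who) { continue }
        if ($isReplication) { $right = $ReplicationRights[$guid] }
        else { $right = $ace.ActiveDirectoryRights.ToString() }
        [pscustomobject]@{ Principal = $who; Right = $right; Inherited = $ace.IsInherited }
    }
}

function Get-DomainObjectAclChanges {
    param([int]$Hours = 24, [string]$ComputerName = $env:COMPUTERNAME)
    $domainDn = (Get-ADDomain).DistinguishedName
    $filter = @{ LogName = 'Security'; Id = 5136; StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            $data = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
            # Only the domain object itself (child objects are left out, just as
            # the DatAlert rule leaves them unchecked) and only DACL edits.
            if ($data.ObjectDN -ne $domainDn -or $data.AttributeLDAPDisplayName -ne 'nTSecurityDescriptor') { return }
            $op = switch ($data.OperationType) { '%%14674' { 'Value Added' } '%%14675' { 'Value Deleted' } default { $_ } }
            # A subject that is the Exchange server's computer account (for example
            # EXCH01$, a hypothetical name) rather than an administrator is the
            # signature of the relay described above.
            [pscustomobject]@{
                Time      = $_.TimeCreated
                Subject   = '{0}\{1}' -f $data.SubjectDomainName, $data.SubjectUserName
                Operation = $op
                Sddl      = $data.AttributeValue
            }
        }
}

Get-SuspiciousDomainAces | Format-Table -AutoSize
Get-DomainObjectAclChanges -Hours 168 | Format-Table -AutoSize
```

Run it on a domain controller, or point -ComputerName at one. The ACL audit answers “who could DCSync right now?”; the 5136 query answers “who changed the domain DACL, and when?”, which is the same question the DatAlert rule raises as an alert. Event 5136 only exists if object-change auditing is enabled and the domain object carries a SACL for Write DACL, so confirm that before trusting an empty result.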

Check out the Microsoft security update as well – and reach out to your SE if you have any questions.

Hacker Motives: Red Flags and Prevention

Hackers are getting savvier. They’re constantly finding new ways to abuse system vulnerabilities and sneak into our networks. The worst part? The likelihood of a cyber attack is now higher than a home invasion. Most people don’t notice when their data has been compromised until it’s too late. The silver lining is that the rise in attacks allows us to analyze the patterns hackers follow and strengthen our defenses.

Major cybersecurity attacks of the past have taught us hard lessons, including the need for CSOs to embrace data-centric security. Massive breaches like the Marriott data breach also taught us the importance of effectively managing mergers and acquisitions, especially when the company you’re acquiring has a recent history of breaches and hacks.

We took a look at hacks in the past years and identified the most important trends you should watch to ensure your business’s safety. We’ve also included a few tips to make sure your company doesn’t become another victim.

Every company has data to protect. Whether you’re a multi-million dollar enterprise or a 6-month-old startup, each business has its own set of vulnerabilities. Larger companies have complex systems and lots of data to monitor, thus making it easier for hackers to infiltrate and persist for long periods of time while staying undetected. Small businesses, on the other hand, are likely less prepared to handle a cyber attack due to a lack of resources or staff. Take a look at some of our tips below to see what you can do to stay ahead of these hacker trends.

Preparation and a quick response time are essentials for any security team. It’s smart to start by engaging in effective threat modeling and creating a comprehensive incident response plan to keep your team vigilant and ready for threats. Taking advice from other professionals through cybersecurity TED talks or podcasts can also jump start your security planning and show you what threats and solutions are top-of-mind for others in the industry. To get started, take our data risk assessment to see where your vulnerabilities lie and what steps you need to take to keep your company safe.

Varonis Version 7.0

Version 7.0 of the Varonis Data Security Platform is here – featuring new cloud support and advanced threat detection and response capabilities: new event sources and enrichment; out-of-the-box threat intelligence applied to Varonis security insights; and playbooks that arm customers with incident response plans right in the web UI so customers can easily follow best-practice responses to security incidents. 

New Dashboards Highlight Cloud, Active Directory and GDPR Risks

Active Directory risk dashboards, GDPR dashboards, and Office 365 dashboards offer at-a-glance visibility into critical exposures and concerns on key data stores and Active Directory. Widgets within each dashboard provide drill-down context and explanations of security risks and vulnerabilities: from vulnerable user accounts to at-risk cloud data to potential compliance violations.

Support for Box Security Events

The Varonis Data Security Platform was created to protect enterprise data wherever it’s stored, and that now includes data stored in Box. Customers can filter, search, and sort by event type including impersonation events, sharing events, and more; highlight risky behavior like over-permissive sharing and impersonation; and see where to remediate security vulnerabilities.  

Additional Office 365 and Active Directory Events Add Intelligence and Context for Alerting and Investigations

New event and entity information enhance Exchange Online, Azure AD and Active Directory monitoring. Attackers commonly exploit weaknesses or misconfigurations in Azure AD and on-premises Active Directory to escalate privileges and access data, including email stored in Exchange Online; additional telemetry from these directory services will help customers reduce the time it takes to detect and respond to threats on premises and in the cloud.

Threat Intelligence Details Provide Deeper Insights

Monitor and track malicious (or suspicious) connections with out-of-the-box threat intelligence.  Varonis security insights and events are now enriched with information about risky external connections. Customers can now get external IP and URL enrichment in context with suspicious behavior and unusual activity for deeper insight on potential security incidents. 

Incident Response Playbooks Map Out Next Steps

Incident response plans from our cybersecurity research lab are now built into the Varonis UI as playbooks: our security experts mapped out best practices for responding to different types of cyberattacks – covering everything from incident notification to containment to recovery, along with actionable steps to eradicate threats and improve security postures for future attacks. 

Increased Speed and Scalability with Solr

Version 7 optimizes the use of Solr for dramatically faster and more intuitive investigations. Solr enables rapid data aggregation, visualization, and horizontal scalability on commodity hardware, even with billions of events. By innovating on top of Solr, Varonis customers can provision relatively little hardware and receive significant performance improvements. Customers will benefit from faster search auto-completion, improved search response and immediate access to search results, even during their compilation.  

…and More

Additional features from version 7.0 include more out-of-the-box reports (including reports on overexposed regulated and GDPR data); new threat models to detect additional types of cyberattacks; faster updates to the web UI; saved searches for more collaborative investigations, and more. 

Join us live on Thursday, January 24th at 2:00 PM ET to see version 7.0 in action – or get an exclusive 1:1 demo this week to see how Varonis can transform your data security. 

 

What Would The World’s Data Look Like if it Were Physical?

We take well over a trillion photographs a year, upload hundreds of hours of video a minute, and commit search queries tens of thousands of times per second. The sheer amount of data that companies save is staggering and growing exponentially year-over-year.

Social media giants, web infrastructure providers and other large companies around the world manage data at dizzying scales. Not only do these corporations handle a lot of data — they handle important and sensitive data as well. Huge reputational and financial stakes ride on businesses being able to protect their internal servers. Even smaller organizations possess sensitive data. With so much of this valuable information scattered across on-premises & cloud data centers, it’s more important than ever to know how to keep information where it belongs, and out of the hands of those who’d use it for harm.

In order to understand how to properly manage all our data, though, we’ll need some sense of how much there is to manage in the first place. But how do we begin to conceptualize the sheer scale of all this information? You may have heard of an “exabyte,” but does it mean anything to you? Trying to picture a billion gigabytes is like trying to picture all the people living in New York City right now: your brain is simply not built to process such quantities.

To help you get some sense of how much data exists in the world today, we’ve come up with some analogies and visual aids. Check them all out below.

The images above should give you at least some broad sense of how much digital information companies manage.

It’s important to remember, though, in the midst of all these remarkable statistics, that having a lot of data means we have a lot of data to protect. Perhaps we should be asking ourselves: how can businesses properly defend this universe of information at our fingertips?

It’s more important than ever for companies to keep a tight hold over their proprietary information, and their customers’ sensitive information. It should be the foremost concern for those who act as gatekeepers to humanity’s secrets to invest in data security, seek the advice of experts in the field, and maintain up-to-date, comprehensive security protocols.

If we don’t implement the proper precautions now, we can have exabytes-worth of problems on our hands.

California Consumer Privacy Act (CCPA) vs. GDPR

Data privacy laws are fast becoming a primary element in any data security conversation: from the EU’s GDPR to the California Consumer Privacy Act to Japan’s Act on the Protection of Personal Information, the ability to protect consumer data is top of mind. For companies that are built around consumer data, consumer trust becomes a vital part of their business model.

On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect. And in the wake of the EU’s GDPR came another shift in data privacy — the California Consumer Privacy Act (CCPA). On June 28, 2018, Governor Jerry Brown signed the CCPA, which will enact some of the country’s most powerful consumer data privacy protections into law.

With the devastating series of data breach incidents in the past couple of years, many questions and concerns have arisen about the way consumer data is being handled. 2017 was the year of the data breach, given the magnitude of high-profile incidents at companies such as Equifax and Yahoo. Attacks like these make data breaches seem part of normal life, not just in the United States, but around the world.

While the GDPR was created to protect citizens of the EU, its impact spans much farther. The CCPA is an outcome of the GDPR’s reaching influence, shifting government priorities and making them more willing to protect individual privacy. Although the CCPA does not go into effect until January 1, 2020, it’s important to be aware of the policies and processes necessary for compliance, and to analyze the current and future impact it will have in comparison to GDPR.

CCPA Overview

Businesses have a track record of using personal information to benefit their own agenda: the California Consumer Privacy Act (CCPA) will serve to protect California consumer rights and encourage stronger privacy and greater transparency overall. It will give consumers ownership, control, and security over their personal information – and consumers will have the ability to request that any business disclose (and delete) the personal information that it collects, and request that their data not be sold to third parties.

These data protections give Californians the right to:

  • Know what personal information is being collected
  • Access the personal information that is collected, and request it be deleted
  • Know whether their personal information is being shared, and if so, with whom
  • Opt-out of the sale of their personal information
  • Have equal service and price, whether or not they choose to exercise their privacy rights

Businesses will also be prohibited from selling the personal information of consumers ages 13–16 (unless the consumer opts-in). For consumers under the age of 13, consent from a parent or guardian will be required. These new protections not only affect California consumers, but also California businesses.

Who Does the CCPA Apply to?

The California Consumer Privacy Act defines a business as a for-profit entity that collects consumer personal data. So, if you’re a business in the state of California that meets at least one of the following thresholds, you may be subject to compliance:

  • Businesses that earn $25,000,000 or more a year in revenue
  • Businesses that annually buy, receive, sell or share personal information of 50,000 or more consumers, households or devices for commercial purposes
  • Businesses that derive 50% or more of their annual revenue from selling consumer personal information

Under the CCPA, California residents will have the ability to bring a civil action lawsuit against companies that do not abide by the law. The state can also bring these charges against a company directly, with fines of up to $2,500 per violation (up to $7,500 per intentional violation) for any violation that is not addressed within 30 days of notice.

Why does California’s new law matter for everyone else? It’s part of a global trend pushing companies toward greater accountability with regard to protecting consumer data. Additionally, it has given other countries and states a push towards the importance of taking personal data and consumer rights to data privacy more seriously. Chief proponent of the CCPA Alastair Mactaggart stated that, “While this law just covers California currently, large companies will soon have to offer similar rights to Americans.”

CCPA vs. GDPR

The European General Data Protection Regulation is an evolution of the EU’s existing data rules, the Data Protection Directive (DPD). It addresses many of the shortcomings in the DPD, including adding requirements for documenting IT procedures, performing risk assessments under certain conditions, notifying the consumer and authorities when there is a breach, and strengthening rules for data minimization. People who are familiar with the GDPR will notice some strong similarities to the CCPA.

The CCPA is said to be a model of the GDPR. And, with the recent passage of the CCPA, many people have been wondering how it compares to the GDPR — with some even calling it the American version of the regulation. No matter how influenced the CCPA may have been by the GDPR, there are some clear differences worth noting in each legislation.

Both the CCPA and the GDPR give individuals certain rights over how their personal information is collected and used; however, there are several important contrasts to be aware of. Because California’s economy is larger than the UK’s, the implications of penalties may be even more severe than those of the GDPR. Even though the CCPA does not go into effect until 2020, we’re already seeing it influence federal legislation.


Check out our interactive Venn diagram below to better understand the similarities and differences between the GDPR and CCPA. The diagram’s cards are summarized here, point by point.

Effective date
  • CCPA: January 1, 2020
  • GDPR: May 25, 2018

Who it protects
  • CCPA: “Consumers” who are California residents.
  • GDPR: “Data subjects” in the European Union.

Personal information
  • CCPA: Defined as any information that “identifies, relates to, describes, is capable of being associated with, or could reasonably be linked directly or indirectly, with a particular consumer or household.” This includes not only identifiers like name or address, but extends to browsing history, behavioral data, and more.
  • GDPR: Defined as any information relating to an identified or identifiable natural person, directly or indirectly. This usually means data like address, license plate numbers, SSN, blood type, bank account information, and more.

Rights granted
  • CCPA grants consumers five rights: the right to disclosure, the right to deletion, the right to access, the right to opt-out, and the right to non-discrimination.
  • GDPR grants data subjects eight rights: the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, and rights in relation to automated individual decision making, including profiling.

Right to deletion
  • CCPA: applies to data collected from and about the consumer.
  • GDPR: applies to all data collected about the data subject.

Who must comply
  • CCPA: “California businesses” of substantial size (with regard to revenue or number of consumers affected) that collect consumer personal data.
  • GDPR: Any “data controllers” (who determine the purpose and means of processing the data) and “data processors” (who process this data for the controller) that hold personal data of individuals in the EU.

Basis for consent
  • CCPA: Allows sites to collect and sell your data if you sign up or make an online purchase, and only offers consumers the right to opt-out.
  • GDPR: Requires opt-in: sites must obtain consent before collecting data.

Time allowed to respond to a request
  • CCPA: Responsible parties have 45 days to respond to a request (extendable by a further 45 days when reasonably necessary).
  • GDPR: Responsible parties have one month to respond to a request, extendable by two further months for complex or numerous requests.

Financial penalties
  • CCPA: Organizations in breach can be fined up to $2,500 per violation for negligent violations and up to $7,500 per violation for intentional violations.
  • GDPR: Organizations in breach can be fined up to 4% of annual global turnover or EUR 20 million, whichever is higher.

Similarities between CCPA and GDPR
  • Both encourage transparency in businesses/related entities.
  • Both require businesses/related entities to report data breaches to consumers/individuals.
  • Both look to better secure and protect the personal information of an individual.
  • Both define data processing as “any operations performed on personal data, automated or otherwise.”

The Big Picture

Governments are beginning to take data privacy very seriously. Like the GDPR, the CCPA will have far-reaching impacts across state jurisdictions. And, although the CCPA does not go into effect for another 15 months, we’ve learned from the GDPR that a year and a half isn’t a lot of time to become compliant.

It’s important to start preparing now: being prepared will save your company a lot of headaches (and costly enforcement actions) in the future. Meeting subject access requests – whether for GDPR, CCPA, or another regulation – can be especially difficult to achieve: you need to be able to identify content related to a data subject, classify and protect consumer data, and sometimes even delete upon request.

Don’t expect this to be the last privacy act, either — there are many more on the horizon. Companies should be prepared to meet more stringent data privacy regulations that focus on data discovery, security, and classification.

How Varonis Helps with the California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) is set to go into effect on January 1, 2020. It not only gives ownership and control of personal data back to the consumer but holds companies accountable for protecting that data.

What is the California Consumer Privacy Act?

The CCPA gives California residents four basic rights in relation to how companies collect and store their personal information:

  • Transparency: the right to know what personal information a company is collecting about them, where that data came from (including third parties), how it’s used, whether or not it’s being sold, and with whom that data is being shared. This will likely be disclosed via privacy policies (updated at least once a year) and on demand via consumer request.
  • Opt-out: the right to refuse a company the ability to sell their personal data to third parties.
  • Right to be forgotten: the right to have a company delete their personal information.
  • No penalties for privacy: the right to receive equal service and pricing from a company, regardless of whether or not they exercise their privacy rights.

The CCPA requires that companies are able to identify what personal data they’re collecting from individuals, define why they’re collecting the data, and disclose how that data is used.

They’ll need to be able to delete or quarantine that information – and in a relatively short amount of time: companies will need to disclose any requested information within 45 days of the original request.

The CCPA underscores that security of consumer data is a priority, requiring companies to “safeguard California consumers’ personal information and holding them accountable if such information is compromised as a result of a security breach arising from the business’s failure to take reasonable steps to protect the security of consumers’ sensitive information.” [1]

How does the California Consumer Privacy Act define personal information?

The CCPA takes a broader definition of what constitutes personal information than many regulations – including the GDPR – which will likely have significant effects on business models from targeted advertising to data brokerage.

Broadly, it’s defined as information that can be used to identify a specific individual.

That includes not only personal identifiers like name, email address, postal address, IP address, license number, etc., but extends to biometric data, browsing history, geolocation, and more. The CCPA even includes any inferences drawn from any of the aforementioned data in the definition of personal information.

Who will be held accountable?

  • For-profit companies that collect California residents’ personal information and do business in the State of California, and that meet at least one of the following:
    • have annual gross revenues in excess of $25 million;
    • receive or disclose the personal information of 50,000 or more California residents, households or devices on an annual basis; or
    • derive 50 percent or more of their annual revenues from selling California residents’ personal information.

What are the penalties?

Companies that don’t comply may be liable for penalties enforced by the California attorney general: up to $2,500 per violation that isn’t addressed within a 30-day window, and/or up to $7,500 per intentional violation.

Additionally, consumers have a right of action (private claim or class action) if their personal information is compromised in a data breach, no proof of harm necessary.

How does Varonis help with the CCPA?

In order to comply with the CCPA, companies need to be able to identify and discover personal information, fulfill data subject access requests, and protect consumer data:

  • Automatically discover and classify CCPA-affected data
    Varonis can automatically discover, identify, and classify CCPA-eligible data on-premises and in the cloud, and gives context around that data – so that you can more easily locate personal information, create reports with advanced classification criteria, and remediate security vulnerabilities.
  • Fulfill data subject access requests
    Search for data related to a data subject to fulfill public access requests: Varonis helps you locate relevant files, pinpoint exactly who has access, and enforce policies to move, quarantine, or delete personal information.
  • Protect consumer data
    Varonis protects data first, not last: combining data classification and access governance with UEBA and security analytics. With Varonis, companies can not only identify and monitor consumer data, but track who’s accessing it, spot unusual activity, and report on suspicious behavior on regulated and sensitive data.
  • Build a CCPA security policy to meet compliance
    Varonis helps companies build and enforce a data-centric security policy to help meet compliance, protect sensitive data, and prepare for the CCPA.

Varonis helps companies meet CCPA compliance requirements and build a unified data security strategy to protect consumer data.

Are you ready for the CCPA? Get a 1:1 demo and see how Varonis can help you discover, manage, and protect your CCPA data.

[1] https://www.caprivacy.org/

8 Events That Changed Cybersecurity Forever

“Those who cannot remember the past are condemned to repeat it.” – George Santayana

The first computer virus was created in the early 1970s and was detected on ARPANET, the predecessor to the internet. In 1988 the first computer worm was distributed, gaining mass mainstream media attention. A quarter of a century later, viruses have evolved to become a pandemic: they have proliferated quickly, and malware has become more complex.

Cyber attacks happen daily and are constantly evolving. From computer worms to large data breaches, attacks come in all shapes and sizes. In the past quarter century alone, cyber attacks have evolved from tiny hacks created by high-school students to state-sponsored attacks compromising presidential elections.

While threats continue to develop, so does the defense against them. It’s important to remember these past events in order to combat impending attacks. Milestone incidents are what made cybersecurity what it is today – take a look at the top 8 events that changed cybersecurity, and why they (still) matter.

Events That Changed Cybersecurity Forever

Though new cyber attacks appear each day, these top 8 watershed moments had a major impact on security and have led to where we are today. Here are just a few lessons we can learn from cybersecurity history.

  1. Never assume it won’t happen to you: Anyone and everyone is susceptible when it comes to data – whether it’s stored in the cloud or on premises.
  2. Hackers come from all over: Attacks no longer come exclusively from hackers in their parents’ basements. They have evolved geographically, advanced in sophistication, and the number of attacks from overseas has increased drastically.
  3. Insiders are just as dangerous: Vulnerabilities now come from the inside as well. All it takes is one click on a phishing email. Educate your employees on basic cybersecurity terms so that they are able to protect themselves and the company.
  4. Hackers are not going away: With change in technology comes change in crime — and cybercriminals are working harder than ever. It’s important to always be alert and keep up with important trends in order to keep you and your organization as safe as possible.

Unfortunately, the number of cyber attacks is only going to continue to increase, and the impact of those attacks is becoming more significant than ever. It’s important to arm ourselves with what we can: learn from the past and protect your data first, not last.

Uncover your biggest security risks with a data risk assessment – and see how Varonis helps protect your data from the next generation of cyber attacks.

Infographic Sources:
Infosecurity, CSO, Verizon Data Breach Report, Wikipedia, TheGuardian

Varonis DatAlert and IBM QRadar

Varonis now integrates with the IBM QRadar Security Intelligence Platform, with the Varonis App for QRadar.

The Varonis App for QRadar adds context and security analytics to simplify investigations, streamline threat detection, and build more context around security alerts and incidents.

How It Works

You can view Varonis alerts directly in IBM QRadar – and can drill down and investigate alerts in the Varonis Web UI for additional insight, accelerating security investigations.

We correlate Varonis alerts with events collected by IBM QRadar, so that you can visualize potential security breaches, misconfigurations, and at-risk data with additional context and security analytics from Varonis.

In QRadar, simply click on the DatAlert link to investigate a security threat.

From here, you’ll get visibility and a high-level overview not only of alerts over time, but of top alerted users, top alerted devices, top alerted assets, and top alerted threat models – the alerts on suspicious activity or user behavior that have been triggered the most on your core data stores.

Drill down into the DatAlert web UI to investigate suspicious activity and get additional insight and context into what’s going on.

Together, Varonis and IBM QRadar enable customers to enhance their data security, streamline threat detection, and simplify investigations.

Varonis DataPrivilege and RSA® Identity Governance and Lifecycle

We’re thrilled to announce interoperability between Varonis DataPrivilege and RSA® Identity Governance and Lifecycle, with a new Implementation Blueprint. This Implementation Blueprint helps businesses quickly detect security and compliance access risks and remediate access entitlement issues associated with unstructured data.

How it Works

The Varonis Data Security Platform helps prepare enterprise data for RSA Identity Governance and Lifecycle by finding data owners, correcting inconsistent permissions, removing global security groups, and simplifying and maintaining permissions structures.

Companies that implement Varonis DataPrivilege interoperability with RSA Identity Governance and Lifecycle benefit from:

  • Enhanced visibility and control of unstructured file systems directly within RSA Identity Governance and Lifecycle;
  • Meeting access control policies by helping to ensure that users have appropriate access permissions;
  • Reducing attack surfaces and assisting with compliance by limiting access privileges and deactivating stale/orphaned accounts; and
  • Automating attestations, provisioning and de-provisioning of access permissions.


Data Classification Labels: Integrating with Microsoft Information Protection (MIP)

We’re thrilled to announce the beta release of Data Classification Labels: integrating with Microsoft Information Protection (MIP) to enable users to better track and secure sensitive files across enterprise data stores.

By integrating with Microsoft Information Protection, customers will be able to automatically apply classification labels and encrypt files that Varonis has identified as sensitive. Users can manually tag documents, and Varonis will ingest this information to provide additional context around the data.

Data Classification Labels utilizes our sophisticated rule capabilities to target specific data, and leverages our extensive pattern repository to build even more labeling rules.

In addition, Varonis can find mislabeled files that contain sensitive data based on our advanced classification engine and re-apply the correct labels. Varonis customers can analyze existing classification results for labeling, intercept existing labels and apply new ones automatically.

Data Classification Labels uses both Azure and AD RMS encryption to protect incoming and outgoing data.

Want to see it in action? Get in touch with your SE and ask for a tour of Data Classification Labels – and test it out with your own policies.

Benefits Overview:

  • Classify a file based on its MIP label
  • Decrypt and scan the content of MIP encrypted files
  • Automatically apply an MIP label according to the configuration, while skipping any file which was manually labeled
  • Automatically correct (and report on) mislabeled files
  • Automatically perform bulk re-label when a policy is changed
  • Enrich Varonis classification reports with classification label data