NetVision

NetVision Company Blog

A Discussion on Effective Audit of User Access

Verizon Data Breach Report 2011

Tags: , , ,

The 2011 Verizon Data Breach Investigations Report was released recently and there are a number of interesting findings. At a glance, these quick stats caught my eye on page 3:

  • 83% of the attacks were crimes of opportunity
  • 92% of the attacks were not highly difficult
  • 76% of all data was compromised from servers
  • 96% were avoidable through simple or intermediate controls

And of course, the mitigation recommendation on the same page:

“Audit user accounts and monitor privileged activity.”

One puzzling number was that only 17% of breaches were reported to be completed by insiders. I find that strange because greater than 80% were crimes of opportunity, not difficult, and easily avoidable. Those attributes would typically point to insiders who have the most opportunity.

Another interesting point:

“For the second year in a row, it is regular employees and end-users—not highly trusted ones—who are behind the majority of data compromises. This is a good time to remember that users need not be super users to make off with sensitive and/or valuable data.”

Have a read for yourself if you’re interested in more data on breaches and breach activity across the market. As always, I’d recommend to take this report in the context of all other similar reports, news articles, common sense, and your own experience.

Setting up Windows and Active Directory Event Log Auditing

Tags: , , ,

There is more than meets the eye when it comes to Windows event log auditing for Active Directory or Windows file system. You can’t just “switch it on” as some might have you think. A recent NetVision white paper takes a lighthearted look at the steps involved in setting up Windows audit and event logging. It identifies some of the considerations and complexity related to Windows event log auditing. You can find the paper on our knowledge page. We invite you to take a look (quick registration required).

For an abbreviated version, take a look at our recent newsletter on this topic.

© 2009 NetVision Company Blog. All Rights Reserved.

This blog is powered by Wordpress and Magatheme by Bryan Helmig.