Orlando Scott-Cowley
by

Big Data: Focus and Practicality Now Vital

It’s been years in the making and has had its fair share of media hype, but according to Gartner’s August ‘Hype Cycle Special Report for 2014‘ the concept of Big Data has now entered its aptly named ‘Trough of Disillusionment’.


And it’s not Gartner alone. Talk to industry stalwarts and a clear message comes back – the honeymoon is over. No longer is it a positive buzzword in meeting rooms. It’s becoming tangible: real people with real salaries and real job titles are now associated with the discipline of managing and making the most of a company’s big (or small) data, both locally and in the cloud.

We’ve come to realize there are a number of opportunities for big data and its management, as outlined in IBM’s August report titled ‘The New Hero of Big Data and Analytics‘. In it, a new C-suite role is outlined, along with five areas in which a Chief Data Officer (CDO) can optimize and innovate:

  1. Leverage: finding ways to use existing data.
  2. Enrichment: existing data is joined up with previously inaccessible (fragmented) data either internal or external.
  3. Monetization: using data to find new revenue streams.
  4. Protection: ensuring data privacy and security, usually in collaboration with the Chief Information Security Officer.
  5. Upkeep: managing the health of the data under governance.

It’s a great list of general outcomes for those who manage data to plan around over the coming years, but what might be even more useful is a planning framework to help develop these plans now.

Obviously this framework will evolve, and to some extent there will be a degree of trial and error as organizations try to wrangle increasingly large data-sets. But I thought it’d be useful to make some suggestions for considerations against these outcomes. So I’ve come up with some key questions to gather information to help in the CDO’s strategic planning. Answering yes to most, if not all, of these questions is a good indication that a CDO in your organization would have a beneficial business impact.

  1. People: as mentioned in IBM’s report – is the CDO’s office a guiding, enforcing authority? Is the office fully aligned to the business and scalable? Are the skills available appropriate? Is the business giving the CDO authority or permission to operate?
  2. Compliance: not just with regional and industry regulation but with the company culture.
  3. Intelligence: how can the right information reach the right people in a digestible form that catches their attention? Does the information remain useful throughout its lifecycle?
  4. CIA: Confidentiality, Integrity and Availability. These are the three cornerstones of any information security policy, and they are no less important for data management. Can your CDO guarantee data CIA, and does the CDO have board-level authority to do so?
  5. Technology: which technology providers can help support these outcomes today, and well into the future? Does the chosen technology scale in line with the parabolic growth of data, or is it linear or worse, unpredictable?

It’s by no means a definitive list, but we hope it helps stimulate the conversation around this emerging discipline of curating data to a commercial end. I look forward to sharing ideas with our customers and partners on this over the next few months. And as always, I’d appreciate any comments under this post.


Graymail – Mail That You Want, but Just Not in Your Inbox Right Now

The mail you want, but just not right now. Seems like an odd way to talk about email, either you want it or you don’t. For years we’ve been talking about the unwanted types of email, like spam, that have grown to be a pest, but which have largely been dealt with by effective anti-spam services; but now there’s a less distinct line between good and bad as far as our users are concerned. The email that sits in this middle ground has become known as graymail.

Mimecast’s new Graymail Control automatically categorizes graymail and moves it to a separate folder – allowing end users to review the messages at their leisure and keeping the inbox optimized.

More specifically, graymail is email like newsletters, notifications and marketing email: the types of marketing email you are bombarded with when you buy something online or use your email address to sign up for something. Normally you are opted in to these marketing emails unless you manage to spot the often well-hidden opt-out tick box. These emails are initially interesting, but grow tiresome quickly.

You’re unlikely to want them all in your inbox right now, but somewhere else that makes them easier to read later. Many consumer grade email providers offer a way of categorizing graymail, such as Gmail’s Primary Inbox and Promotions tabs.

Graymail isn’t new. The idea was first suggested by Microsoft researchers in 2007, at the now defunct CEAS conference. Graymail, or Gray Mail as it was called then, was defined as messages that could be considered either spam or good. It’s fair to say many end users consider newsletters that they opted-in to, mostly unknowingly, as spam even though they could easily unsubscribe from the sender’s distribution lists.

Graymail is also described by the phrase “Bacn”, (as in bacon). The first use of the term Bacn is thought to have been coined at PodCamp Pittsburgh 2, as a way to differentiate between spam, ham and bacn in your inbox.

The unwillingness of end users to unsubscribe, or understand the problem as being somewhat self-inflicted, has led many enterprise IT teams to look for a solution. As a provider of email security services, Mimecast’s Threat Operations and Spam teams know first-hand how users are inclined to report bacn or graymail as spam email. A large percentage of the email submitted to Mimecast for analysis as spam is in fact legitimate marketing email with valid unsubscribe links.

It has become increasingly obvious that end users will continue to be frustrated by this graymail problem. The most straightforward solution is stemming the flow in such a way that keeps an enterprise inbox free of bacn so legitimate business-related emails take priority. Mimecast’s new Graymail Control provides this capability, by automatically categorizing graymail and moving it off to a separate folder – allowing your end users to review the messages at their leisure and keeping the inbox optimized.
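The categorization described above rests on the fact that legitimate bulk senders mark their mail with list headers. As an added illustration (not Mimecast’s code, and not how Graymail Control itself works), here is a small classifier that routes a message to a graymail folder when it carries `List-Unsubscribe`, `List-Id` or a bulk `Precedence` header; the sample messages are constructed.

```python
"""Toy graymail classifier: route bulk/newsletter mail away from the inbox."""
from email import message_from_string
from email.message import Message


def is_graymail(msg: Message) -> bool:
    """Return True when the message carries standard bulk-mail markers.

    Caveat: spam can forge these headers too, so this check belongs after
    the anti-spam stage, not in place of it.
    """
    if msg.get("List-Unsubscribe") or msg.get("List-Id"):
        return True
    return msg.get("Precedence", "").strip().lower() in ("bulk", "list")


def route(raw: str) -> str:
    """Classify a raw RFC 5322 message as 'graymail' or 'inbox'."""
    msg = message_from_string(raw)
    return "graymail" if is_graymail(msg) else "inbox"


# Constructed sample messages (assumed .invalid domains, not real traffic).
NEWSLETTER = """From: deals@example-shop.invalid
To: alice@example.invalid
Subject: Weekly deals
List-Unsubscribe: <mailto:unsub@example-shop.invalid>
Precedence: bulk

Great offers inside.
"""

COLLEAGUE = """From: bob@example.invalid
To: alice@example.invalid
Subject: Q3 forecast

Can you review the attached numbers before Friday?
"""

if __name__ == "__main__":
    for name, raw in (("newsletter", NEWSLETTER), ("colleague", COLLEAGUE)):
        print(f"{name}: {route(raw)}")
```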

If you’d like to find out more technical detail about how to configure Mimecast’s Graymail Control please visit our Knowledge Base article here.


Another Day Another Breach – eBay…Now Office

eBay seems to be coping with the hack of its user database. Weeks on from the announcement that its user database had been breached and we’re seeing millions of users change their passwords after receiving notifications from the online auction giant.

If you missed the news, around 145 million eBay users had their email addresses and encrypted passwords stolen when one of eBay’s databases was breached.

We now know that hackers were able to gain access to the user database by compromising three corporate eBay employees and using their credentials to access the eBay network. eBay has also told us that it believes there was no customer data compromised initially, but gives little more information than that.

We can speculate that the attack was most likely perpetrated through a targeted attack in email or a spear phishing attack. If this is right, the corporate employees of eBay who had their credentials compromised would have been sent a link in an email that tricked them into giving away their user details. We don’t yet know if those credentials were eBay’s website username and passwords or if they were network or corporate credentials.

Spear phishing and targeted attacks have become the de facto attack vector for any hacker trying to compromise an enterprise. Attackers know that most organizations have been lulled into a false sense of security regarding spear phishing – thinking that their existing legacy anti-spam and anti-virus systems protect them from it. While it would be true to say the majority of Secure Email Gateway vendors have started to build in protections for spear phishing, we also know that all the recent major and most public breaches have successfully snuck past major security vendors.

This week brings another personal data compromise. Office, a UK shoe retailer has admitted that its website has been compromised to the extent that customer personal data has been stolen. Office is asking all its customers to change their passwords.

Office and eBay are both quick to point out that no “financial information” was stolen. While this seems to be the case, stealing personal data, as in the Office hack, may give the attackers enough information to allow them to steal your identity. Once you lose that, you risk losing that key financial information.

The CIOs and CISOs I talk to are generally worried; none of them want to be the next big breach. They all understand the risks associated with spear phishing and are all trying to educate their users, but many worry constantly about those few users who still click the link in the email, or enter their user credentials in mystery websites.

Protecting against this human risk is a much tougher task, and until we solve that, these big breaches will continue. It’s why new security technology to counter spear phishing like our Targeted Threat Protection service must be combined with effective user monitoring and education if we are to successfully counter this growing threat to our organizations.


eBay – A Trophy Hack?

The news over the last week confirmed that eBay has been hacked. Media comments suggest that upwards of 145 million users have had their account details, including passwords and personal information, stolen.

According to reports, the story started when a bizarre blog post appeared on PayPal’s website that indicated eBay was asking users to change their passwords. The post was quickly deleted, but not before it had been retweeted dozens of times. The cat was out of the bag and eBay started making the headlines.

What we know

eBay has been hacked! If this isn’t alarming enough, consider that eBay’s user-base is huge and the data that appears to have been stolen contains more than just usernames and passwords. eBay is obviously worried that the breached database contains personal information as well as encrypted passwords.

What we don’t yet know

So far eBay has been reasonably tight lipped about the breach. But there are some significant unanswered questions that it needs to address quickly:

  • How much data was stolen, and how easy would it be for the attackers to use that data?
  • How was the data encrypted?
  • How were the passwords encrypted? How strong was the hash function and were the passwords salted too?

The trophy hack

eBay is one of the world’s largest websites and, given the nature of its business, needs to retain a significant amount of personal information about its users. In terms of a target for attackers, eBay is a holy grail and a trophy, because a compromise of its databases would be the one-stop-shop attackers need to gain personal and financial information.

What you should do now

The advice in the event of hacks like this is always the same. Change your password. Consider also changing your PayPal password in this case. Although PayPal appears not to have been affected, I’m betting lots of people use the same password for PayPal as they do for eBay.

Then consider which other sites you may have used that password on. This is yet more proof, if you need it, of why you must never reuse passwords across websites; despite the common sense of this, many people still do it. Also change and rotate your passwords regularly.

Better still, use a password tool like LastPass (other password tools are available) which will generate a long and complex password for you, then remember the site and password for you.

I’m waiting to see how this incident pans out and I’m expecting we’ll learn a lot from it. I’ll provide more analysis on this blog shortly.