Apr 02
Spirion G Suite Overview

RESOURCES

CONNECTION TO GMAIL AND STORAGE

The connection to Google services for G Suite (GDrive/Gmail/Calendar) is done through the following process. This is connection process using he API for Spirion to Google - https://my.spirion.com/help/enterpriseconsole/index.htm#3594.htm?Highlight=google

STORAGE CONNECTION

E-MAIL CONNECTION

SEARCH

RESULTS

PREVIEW OF RESULTS

GOOGLE DRIVE FILES

When downloaded to the desktop you can view its Tag (Data Classification) using Windows Explorer.

GMAIL

 

 

When a file is sent through Gmail and saved to the desktop you can see both the icon overlay which depicts the data classification, by viewing the file properties (right click) tab, or by opening the file to view the classification which is displayed in the Ribbon or menu options.

Mar 25
Solar Power Potential

This is a very useful web map for solar power potential that Google has created - ​https://www.google.com/get/sunroof

Enjoy!

Mar 22
LDAP Targeting Specific Mail Stores

Most organizations use service accounts with access to specified groups of mailboxes to target searches, however in some conditions or as a backup an option you can use is the LDAP method. For example, you can use LDAP to return mailboxes in chunks (all As or Bs, etc).

Below is an example query -  this is placed in the LDAP box for the Exchange server entry.

<LDAP:/server.domain.com/OU=ou,DC=domain,DC=com>;(& (mail=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) ));mail;subtree

Feb 26
Spirion- Connect to Salesforce

Spirion is capable of searching many database types such as Microsoft SQL Server, Oracle, MySQL, PostgreSQL, Sybase, DB2, and many others.  Included is the ability to search other backend systems such as Salesforce using the Progress Software ODBC driver to connect to the Salesforce backend data.

SFDC ODBC Driver Information:
DataDirect Connect for ODBC (Windows) Installation Tutorial  
Quick Start Guide

ZenDesk - https://querysurge.zendesk.com/hc/en-us/articles/205766086-Configuring-Connections-Microsoft-Excel

Feb 20
Spirion File Metadata – Data Classification

All files have metadata associated which provides descriptive information about a document (file\data). This metadata provides the characteristics of a document which facilitate the ability to categorize it. Metadata such as an author, date created, and topic are typical examples of metadata. For corporate documents, additional common metadata can include information such as Data Classification which Spirion provides. 

The Spirion Data Classification process imbeds a friendly name, associated GUIDS, and other tags as indicated from the below metadata extract. The Spirion metadata tag for classification can be resolve in many ways.  You can view this directly through the metadata properties of the files such as Word as highlighted in the Doc properties.

 

From a metadata view perspective, the following table contains all XML metadata found using a program like "exif" viewer such as this useful online tool located at https://www.get-metadata.com.   

When I ran the same document to extract the metadata I received the following snippet:

Application
Microsoft Office Word

Category 
application

Characters 
23

Characters With Spaces 
26

Create Date 
2013:07:08 18:32:00Z

Creator
XXXXXXXXXX

Doc Security
None

File Modification Date/time 
2018:02:07 22:56:31+01:00

File Name 
Foreign_Doc.docx

File Size 
10 kB

File Type 
DOCX

File Type Extension 
docx

Heading Pairs
Title, 1

Hyperlinks Changed
No

Ifclassification
02adfcec-0ea5-44bc-98a9-f5a82c871c00

Ifclassification Flags
16384

Ifclassification Flags Type
1

Ifclassification Name
Internal Data

Ifclassification Name Type
1

Ifclassification Type
1

Ifclassification Version
43ee0c5f-e038-421c-8a3e-ab4eB1166124

Ifclassification Version Type
1  

The highlighted section is the GUID and the friendly name as tagged by the Spirion data classification process. The GUID attribute "Ifclassification" can be used in many ways such as surfacing Classification for DLP or viewing the XML and ADS extract utilities should be able to locate this any many other attributes.  For example when using this attribute for a DLP, this process allows integration using the Data Classification Friendly Name and associated GUID.

Feb 20
Spirion – Access Control List in Results Tab

When I view the ACL list for data discovery in the results tab, why are these blank?

This setting must be enabled to view the ACL's, this can be done using the following.

  1. Navigate to the Console > Policies > Policy (from the Policy List) > Settings> Locations > Files > RetrieveFileACLDuringSearch, this is disabled by Default.

Feb 16
Spirion Security & Sneakers Event with Tevora

Cory Retherford (www.coryretherford.com)

Solutions Engineer, Spirion

Specializing in security architecture and data management. SANS certifications and (ISC)² Member and certifications. 20 years as an IT professional with focus in data security and operational data security risk reduction. Real world solutions implementation experience in large and complex environments.

Abstract

Will discuss the fundamentals meeting GDPR compliance beyond the traditional interviews with the application or process owners. Narrowing the project scope and creating data awareness is critical for any security programs success. Will discuss an approach to meeting compliance and implementing technical automation to help drive information worker security awareness and concentrating resources to protecting critical subject data.

Download the Presentation

SecurityandSneakersPresentation.pdf

Feb 02
Spirion – Update License

The following illustrate the steps needed to update the license in the Console and Endpoint Software.

Console License Update

 

Client License Update

Feb 01
Spirion and NIST

This is a fantastic article on mapping DFARS 7012 and NIST SP 800-171 Regulatory Compliance Requirements with Spirion I authored.

http://info.spirion.com/rs/369-OZQ-876/images/WP-Supporting_DFARS_7012_NIST_800-171_compliance_requirements_with_Spirion.pdf

Feb 01
Spirion Web API

This link provides additional information about the Spirion web API.

Any SIEM tool being integrated with Spirion will require the ability to authenticate into Spirion via the REST interface either through developed middleware (such as Splunk), or the capability of scripting a login directly through Spirion's REST interface.

Splunk API

Please refer to the following kb article: Installing and configuring the Spirion Web API for Splunk

Splunkbase Spirion user guides

 

1 - 10Next
Copyright © | CoryRetherford, LLC | Contact MeNetwork Storage and Security Solutions, LLC, Rights Reserved.®
TLS 1.2, AES with 256 bit encryption

 ‭(Hidden)‬ Blog Tools