Security

Microsoft Recall = User Ephemeral ESI

Doug Austin and Prosearch have been covering Recall privacy concerns. It is not surprising that the local Recall database is hackable. Many forensic peers would call that an ‘accessibility feature’ for discovery scenarios. Will savvy plaintiff counsel add language to their demand letters requiring Recall enablement and content preservation for key custodians in scenarios with ongoing behavior issues? This is essentially user ephemeral data. [...]

Microplagiarism – Is GPT Stealing Your Work?

“Write a paper on analytic data visualization in the voice of Skip Walter.” That was the rough GPT3 prompt my mentor Skip submitted in our early testing of OpenAI GPT-3 playground. A lifetime rich in academic, professional and patent publications gave GPT-3 more than enough source content to create a convincing literary product. Convincing until Skip started finding familiar sentences and chunks of verbiage [...]

Detecting the Departing

The article gives some excellent caselaw consequences that should nudge corporate legal to reassess their employee departure policies and remedies available when data walks out the door. As I mentioned in my recent blog covering M365 Records Management, #Microsoft is adding a ‘Leavers’ classifier to public preview for premium E5 license customers.

The Great Resignation, Return or Reshuffle? Part 2

A recent Zapier survey on the future of work polled 600 #knowledgeworkers from SMB companies. 64% said that remote work makes them more productive. While they feel more productive, how can remote professionals demonstrate that productivity without giving up their privacy?   The Great Reshuffle is about the evolving employee-employer relationship more than just where we perform that work. Monitoring utilization, security and work [...]

How Locked Down Are Your Users?

I have been alpha testing some new tech recently and ran into wildly different levels of user endpoint security across global enterprise environments. None of the endpoint security surveys I found included practical strategies and policy practices restricting user access to external cloud applications, browser extensions, desktop apps and mobile apps. I wrote a quick survey covering these and hope that you are as [...]

By |2022-05-03T16:19:10-05:00May 3rd, 2022|Essay, Privacy, Security|0 Comments

Incognito Does Not Mean What You Think It Means

Google’s definition of ‘private’ is slowly coming to light thanks to a $5B class action lawsuit and recent Congressional hearings. There seems to be some emails and second hand accounts supporting the assertion that Google executives were well aware of how the public might react if they found out that Google and other sites could still track user searches, URL’s and actions while in [...]

By |2021-09-27T10:36:44-05:00September 27th, 2021|Caselaw, Essay, Compliance, Privacy, Security|0 Comments

Apple Scanning ALL U.S. iPhones in a BYOD World

Apple plans to start scanning all U.S. iPhones for images of child sexual abuse using a tool called “neuralMatch” or “NeuralHash” against a database of known images. Womble Dickinson’s JDSupra article covers many of the high-level privacy concerns and explores Apple’s plans for a service that will scan encrypted messages for sexually explicit content to provide parental notice. Using a generated hash to check [...]

Your Amazon Account has been Hacked, Or Has It?

Got great feedback after my last skirmish with a phishing attempt so here is today’s attempt: [Greg] Hello, how may I help you? [digitized voice] This is Amazon security calling in regard to a recent $1499 purchase. Our system flagged this purchase because of suspicious elements and we need you to either confirm or contest this purchase. To be fair, I buy a lot [...]

By |2021-02-11T17:23:31-06:00February 11th, 2021|Essay, Security|1 Comment

Hackers Targeting M365 eDiscovery Services

Thanks to my friend Jason Velasco for drawing my attention to the article Hidden Dangers of Microsoft 365’s Power Automate and eDiscovery Tools. Hitesh Sheth at DarkReading.com is extrapolating from a massive data collection study from 4 million Cognito Detect for Office 365 customers by Vectra. I am not sure that I agree with his red flag alert that hackers are actively using Power [...]

By |2021-02-10T10:29:24-06:00February 10th, 2021|Essay, Security, ESI Sources, Architecture|0 Comments

Teams Allows Guests by Default – Hackers Cheer

Because MSFT Admin notices are not posted in a public facing site, I am attaching a PDF of the notice below. Cyber threats and indirect hacking attempts have blossomed in the pandemic remote working age. I brought this change up to cyber security guru John Wilson (HaystackID) on a webinar prep call today. He commented that this could be the equivalent of ‘rolling out [...]

By |2021-01-20T17:16:16-06:00January 20th, 2021|News, Security|0 Comments
Go to Top