“When it absolutely, positively has to be there overnight” – FedEx As many of you know, Bob and I have been doing this for a while – 41 years in fact.   And through all those years, every day is new and fun.   Thanks for your support and friendship and trust through all those years.

Last time I talked about making email safer.   I focused on inbound email to your users and outbound encrypted emails.   However, I neglected to say that advanced spam filters also work outbound.   That means that your end-users email and attachments will be scanned to protect against an inadvertent sending out of malicious content.

Last week I talked about the importance of Cloud Backup in our new remote teaching and learning and back-office school environments. This week I am going to talk about secure and reliable communications. The reality is that the number one threat to your network is your users clicking on attachments or web links that lead […]

Disk encryption is growing in popularity as a means of better-securing laptops and desktops.   Microsoft is offering BitLocker natively in Windows 10.   Microsoft Endpoint Configuration Manager has a built-in BitLocker Administration console.  If you don’t have SCCM, then Microsoft offers the MBAM console to manage encryption.

For the last few years Microsoft has been talking about “Modern” this or “Modern” that.  In the quest for improved security they are agressively trying to move everyone to more modern protocols.  The impending LDAPS changes are an example of this.   However, there are more processes and protocols that they are urging you to retire.

I constantly harp on denying the bad guys access to your network, and if they are inside already, denying lateral movement.  At the last Tech Talk, I mentioned that I am watching many of the Paladin Sentinel Monitoring sites just RDP into all the servers with the true Domain Admin Administrator ID – just like […]

We have spent two decades linking all sorts of servers and processes to Active Directory for “ease of use”.   Sadly ease of use now can also mean “ease of hacking”.  Therefore, we must be much more critical of when integration is genuinely helpful (LDAP for instance), vs.

Cisco is trying to do their part during the Pandemic. If you are a Cisco AMP, Cisco DUO, Cisco Umbrella, or Cisco AnyConnect client, Cisco is allowing you to increase your license counts – without cost to the district – until July 1, 2020.  This allows you to truly do the right thing for all […]

The reality of many K-12 school districts is that you either have handed out or are handing out laptops to teachers and critical staff to get through this quarantine.   All those great tools you had been using: WSUS, SCCM, and KACE are now functionally useless for those remote users.

Suddenly we are pivoting to supporting a large number of remote users.  In some cases, they are using personal devices that are not under your control.  In other cases, it is your equipment, but SCCM and KACE type products are designed for inside the network not for remote users.