NIST Cybersecurity Framework – Respond

In last week’s email, we talked about the third NIST Cybersecurity Framework category – Detect. This week we will be discussing the fourth category – Respond. As with Protect, the general idea of Respond seems pretty clear-cut.

Read more

Tech Tidbit… Cybersecurity is everyone’s responsibility

  Cyber Security has grown into an issue that needs to be addressed by everyone in a school district, not just by the Director of IT. To that end, we are starting a weekly bulletin series aimed at helping School Business Officials, who generally own the district’s risk management responsibility, become more knowledgeable about the […]

Read more

Tech Tidbit…Risky Business

  In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding […]

Read more

Tech Tidbit: No More Local Admins!

Your techs *should not* be local admins anymore. It is simply too dangerous.   I have personally been a limited user on all my laptops, VMs and desktops for three years. I am living a happy life. It is time to completely eliminate this concept of “Techs are Local Admins”. It is simply too dangerous […]

Read more

Tech Tidbit: You actually have to test your equipment

We have to plan to safely ride out storms and other unforseen events   I am fresh off another weekend of power issues with the big storm. It was another object lesson that it is imperative to actually test disaster recovery strategies.

Read more

Tech Tidbit – Potentially Unwanted Applications (PUA)

  You can easily block these applications from getting on your endpoints Here’s a quick Tech Tidbit: Configure your “Potentially Unwanted Applications” (PUA) settings in Windows Defender. Hopefully you kept Windows Defender on each workstation and server regardless of what your primary antivirus or EDR type security product is.

Read more

Tech Tidbit: Rejection is hard

  “Everyone fears rejection” -Derek Jeter It finally happened. I got kicked in the head and rejected. Here is what happened. As you may know, for last couple of years I have been writing and presenting on email reliability.

Read more