In last week’s email, we talked about the third NIST Cybersecurity Framework category – Detect. This week we will be discussing the fourth category – Respond. As with Protect, the general idea of Respond seems pretty clear-cut.

It is already a weird summer for me. I normally go to Acadia National Park right about now and enjoy the Maine weather. (It is so weird that NY has Maine weather so far). Instead of my normal summer routine, this year I am moving one of my daughters into the University of Alabama at […]

  Cyber Security has grown into an issue that needs to be addressed by everyone in a school district, not just by the Director of IT. To that end, we are starting a weekly bulletin series aimed at helping School Business Officials, who generally own the district’s risk management responsibility, become more knowledgeable about the […]

  In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding […]

  I am sitting here at 6 am doing the morning review of all our Paladin Sentinel Monitoring school districts. The storm came overnight and there are lots of noisy UPSes, but thankfully it is a pretty boring morning. Boring is good.

Your techs *should not* be local admins anymore. It is simply too dangerous.   I have personally been a limited user on all my laptops, VMs and desktops for three years. I am living a happy life. It is time to completely eliminate this concept of “Techs are Local Admins”. It is simply too dangerous […]

We have to plan to safely ride out storms and other unforseen events   I am fresh off another weekend of power issues with the big storm. It was another object lesson that it is imperative to actually test disaster recovery strategies.

  “I think someone shot a torpedo at us” -The Hunt for Red October It started out as an ordinary weekend full of kid’s schedules and errands. I was over at the Boy Scout Camp in the woods picking up my son from the annual Klondike event.

  You can easily block these applications from getting on your endpoints Here’s a quick Tech Tidbit: Configure your “Potentially Unwanted Applications” (PUA) settings in Windows Defender. Hopefully you kept Windows Defender on each workstation and server regardless of what your primary antivirus or EDR type security product is.

  “Everyone fears rejection” -Derek Jeter It finally happened. I got kicked in the head and rejected. Here is what happened. As you may know, for last couple of years I have been writing and presenting on email reliability.