We always have the Paladin Sentinel Monitoring console up during the day. I am still seeing mass use of the domain administrator account to RDP into servers and lots of daily RDP connections in general. There are legitimate reasons to RDP into servers.

Weekly Tech Tidbit – Less Is More: Less RDP and More Delegation

Why Huntress Should Be Added To Your Security Stack – Recording Available
You all may have heard Scott talking about “those ex-NSA guys at Huntress” he talks to. Bob and Scott have been stressing the importance of layers of security for proper cyber defense for many years now. CSI uses Huntress on all Windows machines.

Tech Tidbit – The pain of changing passwords
“Treat your password like your toothbrush. Don’t let anyone else use it and change it every six months” -Clifford Stoll Password security is always on our minds. The NYS Comptroller’s Office technology audits love to list this in audit reports as an area that needs improvement.
Special Session with the former White House CISO about the Ukraine War – Recording Available
This month we talked about how the Ukraine situation affects the cybersecurity landscape for the US and what it means for network security. Leading this discussion was Jason Whitehurst, a cybersecurity professional of over 20+ years, and Vince Crisler, former White House CISO and DarkCubed founder and CEO. Scott Quimby had the opportunity to listen […]

Tech Tidbit – My Achilles Heel – Closing your District’s Vulnerability Gaps
“Legends state that Achilles was invulnerable in all of his body except for one heel because when his mother Thetis dipped him in the River Styx as an infant, she held him by one of his heels. Alluding to these legends, the term “Achilles’ heel” has come to mean a point of weakness, especially in […]

Ransomware and Incident Response: How Security Controls Help Districts Reduce Risk and Prepare for Action (and achieve Ed Law 2-d Compliance) – Recording Available
Speaker: Alan Winchester, Chief Development Officer, Caetra.io Alan Winchester is the Chief Development Officer and creator of CyMetric™. His vision is to enable customers overwhelmed with the issues surrounding legal compliance to meet their obligations intuitively and simply, reducing the need to incur the expenses of consultants and lawyers.

A discussion of MITRE ENGENUITY 2022 independent testing results – Recording Available
Mitre Engenuity has released its 2022 fully independent evaluation of 30 of the most common cybersecurity endpoint protection platforms. Why does this matter? The 2022 assessment and results are particularly interesting because the payload they used is the most common, and nefarious, ransomware and malware variants in use today.

CSI is hiring. Come join our growing family!
CSI is growing again. We are looking for high-quality individuals to work with our service delivery team. For more information on the positions available please click here.

Improve Your District’s Endpoint Security so You Can Sleep Better at Night -Recording Available
There is nothing more important than keeping your district and staff and students safe. Cybersecurity is not a topic that you can simply check off the list as done. Much like the computer industry itself, six months ago was the Stone Age.

Weekly Tech Tidbit – Risk and Compliance Part III – Making your email more reliable
Last time I talked about making email safer. I focused on inbound email to your users and outbound encrypted emails. However, I neglected to say that advanced spam filters also work outbound. That means that your end-users email and attachments will be scanned to protect against an inadvertent sending out of malicious content.

Weekly Tech Tidbit – How to take the first steps to protect your school district
We have all had at a flood of information come at us in the last nine months regarding ransomware, malware, and cyber security options from all different quarters (cyber-seminars, vendors, various government agencies, and from even yours truly). It is easy to see how one could get a bit lost as to how to decide […]

CSI is pleased to announce that we are an approved reseller under the NCPA Cooperative Purchasing Alliance
Through our partnership with Synnex Corporation CSI is an approved vendor on the NCPA national purchasing contract which is a legal alternative for our public sector and K-12 clients to either the NYS OGS or Federal GSA IT Schedule 70 contracts.NCPA (National Cooperative Purchasing Alliance) NCPA is a leading national government purchasing cooperative working to […]
Protect Your District from Business Email Compromise
Please join us *tomorrow – Wednesday, October 12th* for an upcoming webinar focusing on Business Email Compromise. Jason Whitehurst, a cybersecurity professional, will be speaking about the significant increase in business email compromises for school systems.

VMware vSphere Users – Urgent End of Life Notice
All versions of vSphere prior to version 7.0 are about to be retired from support I would like to make you aware that on October 15th, 2022, all VMware vSphere versions prior to version 7.x will no longer be supported by VMware.

Weekly Tech Tidbit – I challenge you to prove your backups work
“None shall pass” -The Black Knight “Monty Python and the Holy Grail” Today I would like to challenge you to “test two aspects of your network backups. Most of you have never done this because yPreview (opens in a new tab)ou are “too busy putting out fires”. It is summer.

Weekly Tech Tidbit – The attack of the Smart TVs
A few years ago, in a Tech Talk I talked about a major college that suffered a complete network lockout due to a soda machine that introduced malware into the network that sought out all the default passwords on their devices and locked out an estimated 5,000 devices that each had to be manually […]

Weekly Tech Tidbit – Paper’s Please
The first line of email defense is a properly formed SPF record “Paper’s Please” Those words denote fear. Some official, authority person (often with a gun and with lots of their co-workers with guns) is asking for identification at a checkpoint.

Microsoft releases an out of band patch for Domain Controllers addressing authentication issues
I wanted to update you on the Microsoft authentication issues caused by the May patches. Microsoft has released an “out of band” update for the on-going Microsoft authentication issues stemming from the May Microsoft Domain Controller patches.