So much has happened, and in some cases changed, since our April Tech Talk, that we felt our May webinar should be a Tech Talk Bonus edition. We will have a full cybersecurity update. We’ll say what we can about lessons learned in a new regional security event.
Tech Talk May Bonus Edition – Recording Available
Tech Tidbit – Do you understand DoH? Steps you need to take now to prevent chaos with your web filtering
We have a new technology coming online with all the popular web browsers. It is called DNS over HTTPS or DoH. The concept is instead of using your internal DNS to resolve web pages, the web browser goes back to an external DNS site to resolve the page.
Tech Tidbit – The pain of changing passwords
“Treat your password like your toothbrush. Don’t let anyone else use it and change it every six months” -Clifford Stoll Password security is always on our minds. The NYS Comptroller’s Office technology audits love to list this in audit reports as an area that needs improvement.
An update on Microsoft’s May Patch Issues with Domain Controllers and Certificate-Based Authentication
I wanted to update you on the Microsoft authentication issues caused by the May patches. This only potentially affects Microsoft Domain Controllers. More specifically it only affects Domain Controllers that are using certificates in any way for some form of authentication.
Weekly Tech Tidbit – Remote Risks and Compliance Part II – Secure and Reliable Communications
Last week I talked about the importance of Cloud Backup in our new remote teaching and learning and back-office school environments. This week I am going to talk about secure and reliable communications. The reality is that the number one threat to your network is your users clicking on attachments or web links that lead […]
Weekly Tech Tidbit – Secure Your Endpoints with Disk Encryption
Disk encryption is growing in popularity as a means of better-securing laptops and desktops. Microsoft is offering BitLocker natively in Windows 10. Microsoft Endpoint Configuration Manager has a built-in BitLocker Administration console. If you don’t have SCCM, then Microsoft offers the MBAM console to manage encryption.
Tech Tidbit – Closing Time. Protocols and Processes that have to go!
For the last few years Microsoft has been talking about “Modern” this or “Modern” that. In the quest for improved security they are agressively trying to move everyone to more modern protocols. The impending LDAPS changes are an example of this. However, there are more processes and protocols that they are urging you to retire.
Tech Tidbit – Your Battle – Deny Lateral Movement vs. Momentum
I constantly harp on denying the bad guys access to your network, and if they are inside already, denying lateral movement. At the last Tech Talk, I mentioned that I am watching many of the Paladin Sentinel Monitoring sites just RDP into all the servers with the true Domain Admin Administrator ID – just like […]
Weekly Tech Tidbit – Breaking up the band. It is time to better segment critical network functions
We have spent two decades linking all sorts of servers and processes to Active Directory for “ease of use”. Sadly ease of use now can also mean “ease of hacking”. Therefore, we must be much more critical of when integration is genuinely helpful (LDAP for instance), vs.
Tech Tidbit – Two ways to sanely maintain remote endpoints
The reality of many K-12 school districts is that you either have handed out or are handing out laptops to teachers and critical staff to get through this quarantine. All those great tools you had been using: WSUS, SCCM, and KACE are now functionally useless for those remote users.