Resources

We have recently been approached by many school districts to talk to their district office staff and in some instances their faculty about phishing and security as it relates to money and personally identifiable information (PII).  These have been in the form of either special in-service training for district office/business office staff or as part […]

If you subscribe to our Paladin Sentinel monitoring service, hopefully, you know that either myself or one of our technical staff actively sweeps through the monitoring consoles sometime between 6 am to 7 am with the goal of identifying any major issues such as site, building or device down before 7 am.

Occasionally the SentinelOne agents included in our CSEDR offering are operating but show a red “x” denoting that the agent is operational, but not visible to the main SentinelOne console. SentinelOne has updated their agents to better explain why they are not communicating.

We have a new technology coming online with all the popular web browsers.  It is called DNS over HTTPS or DoH.   The concept is instead of using your internal DNS to resolve web pages, the web browser goes back to an external DNS site to resolve the page.

We all understand the scourge of Ransomware.   It is debilitating.   Even in the best case, it consumes a huge amount of time to recover.  However, now the bad guys are getting even more nasty.   They want their money.   If you decide you can recover or don’t care, they get nothing.

  “You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you.” ― Jim Butcher Recently we had the former White House Chief Information Security Officer (CISO) on our webinar talking about the Ukrainian war and its impact on us.

It is already a weird summer for me. I normally go to Acadia National Park right about now and enjoy the Maine weather. (It is so weird that NY has Maine weather so far). Instead of my normal summer routine, this year I am moving one of my daughters into the University of Alabama at […]

I was watching a panelist discussion post-mortem discussing firsthand knowledge of 25 major ransomware-style breaches. One of the panelists was an award-winning, ex-NSA offensive hacker.  One item that was stressed as a common theme across many breaches was credential theft being the number one way bad people get into the network.

  Cyber Security has grown into an issue that needs to be addressed by everyone in a school district, not just by the Director of IT. To that end, we are starting a weekly bulletin series aimed at helping School Business Officials, who generally own the district’s risk management responsibility, become more knowledgeable about the […]

  In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding […]