In my 20s I went to Tahiti and went on a sunset cruise on the famed “Liki Tiki”.   It was an amazing sunset.  Hula girls, and music.   Along the way the Liki Tiki sprung a leak.   It was pitch black, and the boat was taking on water.  The captain and crew knew they were taking […]

Just when you thought it was safe to move along to other technical topics, along comes Scott Quimby’s Hardening Active Directory Part III to scare you even more.  If you haven’t watched Part I and Part II, you can find them here. In Part III we will do a little review of some core topics […]

Hopefully for most of you, this is old news, but I know how busy everyone gets, especially this time of year with the end of school coming upon us.   So, in case you missed it Microsoft RDP has been back in the news again as the source in yet another serious vulnerability – dubbed BlueKeep […]

I was recently reading a security study that said that 25% of applications are unpatched for an entire year!  As you approach the summer remember that you need to patch not only the operating system but also all your applications. Many of our biggest threats are application based: Adobe Flash Oracle Java Adobe Reader (PDFs) […]

One of the most important principles of a good network design is accurate time.   Windows time is a whole lot like the 1960s car clock – always drifting away from true time.  However, very weird things start to happen if time on your network and servers and workstations is left to fend for itself.

Bob and I have discussed over and over the need for improved public wireless configuration.   Some of you have gotten the message.  Sadly many have not.  As we approach the summer, let’s get this fixed once and for all. Here are a few design changes many of you need to implement: If your endpoints in […]

As you go through your normal yearly planning cycles remember that in January 2020 Microsoft will be retiring Windows Server 2008 R2, Windows 7, and Microsoft Exchange 2010.  That means no security updates and no vendor support if something goes wrong.

In an Active Directory domain, we generally rely heavily on group policies.   Microsoft best practices say that you should have at least two domain controllers.   Most of our clients have two or more domain controllers.   Those domain controllers need to replicate Active Directory information, DNS information, and Group Policy information (i.e. SYSVOL) so that everyone […]

I can’t tell how many times I have heard from non-technical Mac people that, “they don’t need anti-virus.” The Apple person that sold them their Mac told them that. I have pointed out that Apple’s technical folks make a strong recommendation for anti-virus in their technical documents despite sales claims to the contrary.

We have been discussing a whole lot of security issues over this past year.  Many of you are already moving forward to address many of our recommendations.   However, some of you are paralyzed in figuring out how to absorb some of the new costs for the new security technologies that your district now absolutely requires […]