Resources

Back on January 29th, there was a flurry of discussion in the IT world about the announcement from Cisco of an Adaptive Security Appliance (ASA) Remote Code Execution and Denial of Service Vulnerability. Originally announced as only affecting the ASA and latest code versions of the Firepower Threat Defense firewalls, over the next few weeks […]

The Snort IPS engine is at the core of both the Cisco Firepower Threat Defense and Cisco Meraki IPS systems. Maintained by Cisco’s Talos Group, the Snort Engine, and its signatures are licensed to the world via the open source GPL and as such it is the most widely distributed IPS engine in the world.

One area of security we often overlook is that of the servers themselves. Most of our servers have some sort of remote access card built into them to provide remote access in case the server is hung up as well as to provide enhanced alerting of hardware errors.

Short but somewhat scary tidbit from me this week that serves as a reminder that there is a reason that the CSI team advocates: 1 – That we need multiple layers of security protection in our networks since no single tool will catch everything     2 – We need to up the sophistication of […]

You will find on our web site under Webinar recordings, Hardening Active Directory Part I and also Part II. If you haven’t watched those presentations, you should to understand the threat to your Windows networks. One basic concept you can start with is to realize that all the Group Policy security settings are found in […]

For years the best practice, and rules the most auditors hold IT departments to when it comes to secure password policies have included the following: 1 – Passwords should be at least 8 characters minimum and must contain complexity (use at least 1 number, 1 upper case character, and 1 special character)   2 – Passwords […]

Previously we talked about limiting the use of “local administrators” to improve the security of your network. However, we do actually need a local administrator account to exist because, sooner or later, a tech is going to need that account to properly install software or update the machine.

In this week’s Tech Tidbit I want to talk a bit about the importance of implementing proper control of DNS as part of your malware protection program. DNS lookups and / or the hijacking of DNS lookups are an often-used tool by many malware agents to help enable the success of their intended attacks.

In the real world, it’s no longer a matter of if an attacker will get in, but when and for how long. Is your district really prepared? I am pleased to invite you to 2nd Annual Security event on Dec 5, 2017, in our offices in Fishkill. This year’s event will feature actual hands-on experiences […]

I have been talking over the past year about “Hardening Active Directory”.   In those discussions, we have been talking about implementing a granular password policy so that you K-2 students have a lower password requirement than your financial and guidance users.