Resources

This week’s Tech Tidbit is short and sweet. If you have a server or device that is internet facing, make sure you have a real, commercial SSL certificate on it.   Do not use a self-signed certificate.   I don’t really care that it is just for “internal” use and you are smart enough to bypass the […]

When all else fails we reach for the backups.   However, increasingly the bad guys are consciously seeking out your backups and deleting them as part of elaborate ransomware routines to force you to pay to recover your data. This can be as simple as the bad guys deleting your volume shadow copies to as complex […]

One of the key features of the newest firewalls and intrusion protection systems (IPS) has been the addition of something called GeoBlocking. This feature allows the administrator to shut down traffic to or from specific countries or regions of the world and your local network regardless of any other firewall permissions in place.

Trend Micro has stated many times that you have approximately 4 minutes between when a threat enters your network and the infection breaks out. But who can respond that quickly? I have often said if we leave questions on the computer up to our end users, we have failed.

At some point in your life, you probably were locked out of something – your house, your car, your office.  I am sure it was awful trying to figure out how you were going to solve that problem.   However, to add to your stress, we now have all this sensitive data online and on our […]

Most of Google’s products are free.  The reason is that you are their product.   Their computers read your emails.  They send you targeted ads based upon what you read and write.   They track your location.  They track your likes and dislikes. They have made your life more convenient by syncing all your Google Chrome data.

It is important to have accountability to the taxpayers independently proving that each school district has adequate financial controls in place and is properly managing the money it has been entrusted.  In this era of identity theft, ransomware, and electronic financial theft, it is equally important to have adequate technical controls in place to protect […]

I can’t tell how many times I have heard from non-technical Mac people that, “they don’t need anti-virus.” The Apple person that sold them their Mac told them that. I have pointed out that Apple’s technical folks make a strong recommendation for anti-virus in their technical documents despite sales claims to the contrary.

Recently I read an interesting article on malware development techniques.  SentinelOne, Cisco AMP, and other antivirus products rely on the VirusTotal clearinghouse.  This is a clearinghouse that has approximately 67 antivirus vendors. Various antivirus and advanced endpoint products upload suspicious programs to ask, “is this a virus?”.   You get a score back of x/67 for […]

We have to be constantly vigilant to prevent malware, trojans, and other bad actors from taking root in our school networks to steal personally identifiable information (PIA) and money.   Besides web filtering, antivirus, patching, and now advanced endpoint protection, we also have to look at policies.