Happy Holidays. As we go through the last full school week before the holiday break, I have a couple of quick professional and personal thoughts:      You should use the holiday break to re-calibrate your UPSes.  Remember Smart UPSes need periodic re-calibration.

We have all heard the story of the Trojan Horse.  The Greeks built it and left it in front of Troy.  The Greek army left.  The Trojans went outside the gates and wheeled it into the city.   At night the Greek version of Special Forces jumped out and destroyed Troy.

Note:  The response to our CyberSecurity Event has been overwhelming.  To accommodate everyone who wants to attend we have moved it to a much large conference room.  We do have a few seats still available.  This is your last chance to sign up for this event.

Hopefully, you all had a relatively sane and productive summer.   Security-related topics have been in the news for most of the summer with several incidents hitting fairly close to home. Perhaps the question I have been asked the most over the last month or so has been “what do I need to do to protect […]

Just when you thought it was safe to move along to other technical topics, along comes Scott Quimby’s Hardening Active Directory Part III to scare you even more.  If you haven’t watched Part I and Part II, you can find them here. In Part III we will do a little review of some core topics […]

I was recently reading a security study that said that 25% of applications are unpatched for an entire year!  As you approach the summer remember that you need to patch not only the operating system but also all your applications. Many of our biggest threats are application based: Adobe Flash Oracle Java Adobe Reader (PDFs) […]

Do you know how secure you are from the outside world?  Maybe you’re new and inherited a network, or there has been so much churn over the years with servers being added and retired and software previously available in-house now being hosted?   Maybe you have just lost track of patching? Regardless of the reason, a […]

Keeping up with my theme on DNS related posts, this week I will again reprise a post from over a year ago on the importance of implementing proper control of DNS as part of your malware protection program.   It remains as valuable part of your overall all network and security management policies.

The US-CERT (Computer Emergency Response Team) recently gave a presentation on what China has been doing to hack anything they can hack with the goal of stealing intellectual property, money and personally identifiable information. While most public sector schools and government agencies are generally not vast repositories of intellectual property, they do manage and transfer […]

We constantly harp on all of you segregating third-party vendor equipment on to vendor VLANs.   The purpose of that is to keep third-party vendor equipment completely away from your internal network.  Ideally, we don’t want these vendors to see, touch, or ask your internal network anything.