Last month on January 22nd the US Dept of Homeland Security took the unusual step of issuing Emergency Directive 19-01 to all Federal Agencies.   The directive issued steps that had to be taken by those agencies to mitigate potential DNS infrastructure tampering.

This tech tidbit is a reprise of a tidbit we sent out back in June of 2018.   You may have missed this post back then as it was the end of the school year and preparing for summer was upon all of us.  But, I wanted to bring it to all your attention again.

The FBI came to visit us last week.  No it wasn’t an investigation.  It was for CSI’s 3rd annual Security Event.  I have talked about the topic of Cyber Threats in person and on-line, but our Supervisory Special Agent had a few interesting things to say beyond the topics Bob and I have been discussing […]

I am watching with some interest a growing trend with district’s implementing newer IP-based building systems (HVAC control, food service temperature controls, door control, video surveillance, etc.) and when properly implemented I think this a fine thing.

This week’s Tech Tidbit is short and sweet. If you have a server or device that is internet facing, make sure you have a real, commercial SSL certificate on it.   Do not use a self-signed certificate.   I don’t really care that it is just for “internal” use and you are smart enough to bypass the […]

When all else fails we reach for the backups.   However, increasingly the bad guys are consciously seeking out your backups and deleting them as part of elaborate ransomware routines to force you to pay to recover your data. This can be as simple as the bad guys deleting your volume shadow copies to as complex […]

During our May Tech Talk meetings one of my summertime recommended tasks was for everyone to find and eliminate “zombie” servers.   Zombie servers are servers which theoretically are retired, but yet that somehow still exist, turned on, in your network.

When something goes sideways in our technical worlds some of the first questions we get asked, after “when is XXXX going to be back up”, is “what happened?” and “why did it happen?”   For sure if the event in question is a security or data breach event the urgency to answer these questions ratchets up […]

**Note – Client tech directors in Dutchess County got a preview of this Tuesday so if you are in that group you may skip the rest of this note and go on to your next e-mail.   For the rest of you please read on** On Tuesday, May 29th, I received an updated alert from US-CERT […]

We have been discussing a whole lot of security issues over this past year.  Many of you are already moving forward to address many of our recommendations.   However, some of you are paralyzed in figuring out how to absorb some of the new costs for the new security technologies that your district now absolutely requires […]