Blog

By Steve Gold, Posted in Security

Let’s start today’s blog with a hearty pat on the back and a big ol’ KUDOS! You get it! You can’t protect what you can’t see. You don’t need to write it on the chalkboard 100 times…unless you’re a huge Bart Simpson fan, then go ahead. Of course, we’re not done with gaining visibility into your environment as you’ll see in future posts. So sorry, not sorry. Now that you have your data inventory, it’s important to know who can access your dat... read more.

• June 06, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/22 The Evolving Landscape of Distributed Application Security: Beyond Network Firewalls (F5) With the dispersion of application services across highly distributed environments, security has become an infinitely more complex endeavor. https://bit.ly/3MNtaRB The Seven Types of Non-human Identities to Secure (CyberArk) Being aware of all the different identity types in your organization and understanding all the different security needs that must be considered are the first steps to building a co... read more.

• June 02, 2023

By Carlo Costanzo, Posted in Infrastructure, Support

The Scene Recently, we were working with a client who was experiencing packet loss on some network adapters on their systems. The ESXi host was set up in a pretty standard configuration of a vSwitch with two physical NICs connected to it. We’d done a lot of troubleshooting up to this point and wanted to start correlating Virtual Machines to pNICs. The NIC teaming on the vSwitch was set up as a default active/active scenario and was using the route by origin method. This means that when a VM powers u... read more.

• June 02, 2023

By Steve Gold, Posted in Security

You can’t protect what you can’t see! You can’t protect what you can’t see! You can’t protect what you can’t see!  Anybody seeing a theme here? Establishing a process to inventory where your data lives (on-premises storage, mail platforms, endpoints, mobile devices, cloud storage, cloud infrastructure, blah, blah, blah) is the first step in building a data management framework. The second step is to establish labels for your data to understand what data you shoul... read more.

• June 01, 2023

By Steve Gold, Posted in Security

If you get the joke behind the title, you’re either as old as I am or spend hours on the Internet searching for 80’s commercials. Either way, good on ya! In 2006, Clive Humby, a British mathematician and data science entrepreneur, coined the phrase “Data is the new oil.” Humby meant that data, like oil, isn't useful in its raw state. It needs to be refined, processed, and turned into something useful; its value lies in its potential. Many others have come up with different interpret... read more.

• May 23, 2023

By Kevin Santarina, Posted in Security

If you haven’t read tech news in the last week or two, would you have thought twice about clicking on these links if they were embedded into an email? This past month, Google introduced eight new top-level domains that are publicly available for registration. Among them are two very commonly recognized file extensions, .zip and .mov. The .zip extension is one of those file extensions used to indicate to a user that they are about to receive a collection of files, PDFs, documents, installers, etc., a... read more.

• May 23, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/15 The Value of Holistic Visibility: Putting it All Together (Arctic Wolf) Organizations have too many tools feeding them more information than their staff can handle, and partially because those tools are siloed off and improperly managed, preventing comprehensive information and complete understanding of what’s happening within an organization’s IT infrastructure. https://bit.ly/44VGWsB Ransomware Roundup – Maori (Fortinet) FortiGuard Labs recently came across a new ransomw... read more.

• May 19, 2023

By Steve Gold, Posted in Security

If you’ve ever challenged a rule your parents set, you’ve probably heard the phrase, “As long as you live in my house, you’ll live by my rules”. Sometimes, if you’re lucky, it’s followed up with, “You can do whatever you want when you have your own home”. So, what do these painful childhood memories have to do with security? I’m so glad you asked! Your parents established certain rules/processes to ensure that the home, and everyone in it, is prot... read more.

• May 16, 2023

By Eric Corcoran, Posted in Technology Week in Review

Monday 5/8 The Importance of Identity and Access Management (Arctic Wolf) Proper IAM management is a discipline that involves people, processes, and technologies, and is an ongoing journey that follows what is referred to as the access management lifecycle. https://bit.ly/3M6jZLI Cyber as a Shared Responsibility; How Rubrik and Zscaler Stepped Forward (Rubrik) Over the past few years as ransomware and other threats have increased, private sector companies have embarked on aggressive journeys to reduce... read more.

• May 12, 2023

By Steve Gold, Posted in Security

Hopefully by now you’re seeing a trend. You need full visibility into your environment and you also need both the visibility and capability to remove any unauthorized assets or software. I know this may seem kind of basic, but remember, we are only at Control 2. Wait till we get to Control 17 and start discussing Incident Response. But let’s not get ahead of ourselves just yet. After all, we are working with a prescriptive, prioritized, and simplified set of best practices. In the previous blog... read more.

• May 09, 2023