-
Get Back To Work or Get Out!
I read a news article recently that bothered me. It was about a company whose employees unionized in order to pressure the owners to change his (or their) politics in order to align with those of the workers. It does not matter that in this particular case the owner’s politics align with those I hold.…
-
Protection: What a Pain!
I came across a quote I love sometime over the last year: Security should cause healthy friction. It should not impede your users – it should hardly even cause them delays. It is a quote that I love, and which I have shared with my students every time I teach. Sometimes I get caught in…
-
WSL: Kali Linux within Windows
“IT should not be a religion, it should be about selecting the right tools for the job.” The first time I said those words I was on a Microsoft stage, wearing a Microsoft logoed shirt, speaking to a Microsoft audience. I remember seeing the event sponsor – a Product Manager at Microsoft Canada – turn…
-
Outside My Comfort Zone
While my focus has of late shifted to cybersecurity, I have spent most of my teaching career focusing on Microsoft technologies. It made sense, since as an IT consultant I had always specialized in Microsoft infrastructure technologies. Even with my recent shift to infosec, I am still the go-to instructor for the Microsoft stack for…
-
A Familiar Blackmail Scam
This post is dedicated to a longtime friend and avid reader of this blog. Rick passed away last week, and he will be missed. My life is richer for having been friends with him all these years. Not for nothing… I always knew his passwords, no matter how often I tried to convince him to…
-
Stackable Certifications Revisited
Nearly five years ago I wrote an article about Stackable Certifications. This was when I had just earned my first two stackable certifications from CompTIA because I had passed A+, Network+, and Security+. For passing four CompTIA exams I had earned five certifications (adding CIOS and CSIS to those three). I am not sure if…
-
On Connect Woes & Broken AD Links
I woke up this morning to an email that read: Password Hash Synchronization heartbeat was skipped in last 120 minutes. While this happens for no apparent reason from time to time, I logged in four hours after the email came in and noticed the issue had not been resolved. I went to log into my…
-
It’s Not Too Late… Yet.
One of the things I always tell my students is that it is much easier to build security into your IT infrastructure if you do it from the planning phase, and not as an afterthought. I read a great quote recently: The best time to plant a tree is twenty years ago; the next best…
-
How Could You Let That Happen?
A close friend of mine, an elderly gentleman from the old country (in every way), is going through a terrible time right now. Part of his struggles includes (a known) someone hacking into his email account. When he asked me ‘…why can’t I just hack into the account to take it back?’ I had to…
-
End of Days
In the IT field there are a number of different names for it. CompTIA seems to use two terms: End of Life (EOL) denotes that a product is no longer available for purchase, and End of Service Life (EOSL) means that it is no longer supported by the vendor. Microsoft uses the term End of…
-
You May Be Exposed… Deservedly!
I received this email this week: Let me be clear: these emails are quite important, and you should be paying close attention to them. With that said, this particular exposure was from nearly five years ago. If you have a password that is that old then maybe you deserve to be compromised? With multifactor authentication…
-
Not a Security Person…
I was approached about a job recently by a company I have worked with in the past. While speaking with the recruiter he told me that one aspect of the position was Identity and Access Management (IAM). He then told me that the client had specifically told him that “This job is NOT related to…
-
Certified in Cybersecurity
I have been security-minded for most of my adult life. Whether or not I have always lived it is another matter, but I have learned my lessons and have done my best to continually improve. While I have been taking IT certification courses and exams for nearly twenty-five years, it was only in 2022 that…
-
Goodbye to an Era
In the days after the demise of cassette tapes and before MP3s existed there were basically two ways get your music legally: You could listen to the radio of course… but the vast majority of people purchased it on Compact Disc (CDs). Tower Records reigned supreme but there were many other places to purchase them……
The World According to Mitch
The day to day ramblings of an IT Professional (and so much more…)
The World According to Mitch 