Category: Security
-
Not a Security Person…
I was approached about a job recently by a company I have worked with in the past. While speaking with the recruiter he told me that one aspect of the position was Identity and Access Management (IAM). He then told me that the client had specifically told him that “This job is NOT related to…
-
Security Baselines in Intune
Okay, if you are a strong believer in cybersecurity, raise your hands. Okay, you can put them all down now. While I know there are people out there who believe that everything should be open to everyone, I doubt they are reading my blog. Next: If you bought/acquired/were gifted/found/inherited your current computer and, before doing…
-
Microsoft Disabling Older TLS Going Forward
Microsoft announced this week that future versions of Windows (client and server) will no longer have TLS 1.0 and TLS 1.1 enabled. This step is designed to encourage you to use modern security mechanisms for your organization. TLS (Transport Layer Security) is an encryption mechanism designed to prevent eavesdroppers from reading your data in transit,…
-
Security Webinars
Over the last few months I have written and recorded a number of webinars for Netcom Learning on a number of security-related topics. I thought I would share them with you here! Please note that you will have to register for these webinars, but there is no cost. You will, however, receive a phone call…
-
System Issues and Public Panic
Air travel in the United States was severely interrupted by a cyber incident last week. I heard about it on the news as I walked my dog and spent the entirety of that walk framing how I would speak to the incident at the opening of my class later that day. I was teaching a…
-
Busting the Myth: Windows 11 Hardware Requirements
If you were to ask me to pinpoint the exact moment of IBM’s downfall and the great rise of Microsoft, it would be in the room in Armonk, New York where the IBM developers and the Microsoft developers were trying to create a new operating system for the new IBM-AT (based on the 16-bit 80286…
-
Conditional Access Policies in Intune
**DISCLOSURE: While I am contracted to Microsoft Corporation, I am not an employee. The articles that I write are not meant to represent the company, nor are they meant to represent me as an employee or spokesman for the company. As has always been the case, all articles on this website represent me and nobody…
-
Trusted Senders…
I have received a lot of spam in my day, and I have looked at some of it to see what tricks the bad guys are playing. I received this e-mail on my phone this morning. Please note, it was in my Inbox, and did not go into Junk. Does Microsoft use contractions? You’ve in…
-
Dynamic Lock: Walk away securely.
One of my pet peeves when walking through organizations that I consult for is seeing unlocked and unattended workstations. I hate seeing this, knowing that anyone can sit down at their desk and do… whatever. I know people who would sit down at these unlocked workstations, and send an e-mail to the entire organization (in…
-
Password Vault: Success!
I can’t believe it has been two years since I signed up for my password vault, but there it was in my mailbox… the reminder that it is time to renew my ‘premium’ service with my password vault service. I did it gladly, giving over my credit card information. Why premium, you ask? Well, for…
-
SCM is gone… Say Hi to SCT.
For the past several years nearly every client of mine (that I have consulted on Active Directory) has been introduced to the Microsoft Security Compliance Manager (SCM), a great tool that helped create Group Policy Objects (GPOs) for any number of Organizational Units (OUs), including Default Domain Policy, Domain Controller Policy, Client Workstation Policy, and…
-
A Big, HUGE Microsoft Security FAIL.
(NOTE: This article was written December 7, 2016. Not one word has been changed since that date. To understand why it can only now be published, read the article on this site called 107 Days: A Microsoft Security Nightmare. -MDG) For reasons that will become obvious, I am going to delay posting this article until the…
-
107 Days: A Microsoft Security Nightmare
I have held off talking about something for quite some time. I do not mess around when it comes to security, especially for my critical accounts. When the actual security of an account has been compromised, as was the case with my Microsoft Account, I do not advertise it. On December 7th I sat in…
-
Higher Security: How’s it going a month in?
A few weeks ago I wrote about how I started using a password vault. Some of my keener observers noted that I did not mention which one I chose, and that was not an oversight. I am not an expert in the technology, and unlike many of the products and solutions I have reviewed over…
-
Passwords: Beware
I held out as long as I could; I have never used a password vault, thinking that I could remember all of my passwords for several dozen sites and applications without having to trust them to any third party. Of course, many of the passwords I used were reused a few times, and oftentimes I…
The World According to Mitch 