By SECTION 9
Just two people trying to do IT and Security the right way.
We’re focusing on basic Microsoft 365 security. We’re also reviewing our Microsoft 365 Business Premium Licensing.
Got a nice email from a listener who happens to be managing Microsoft 365. He made some interesting suggestions. This got me thinking about how we use 365. Ended up falling down the rabbit hole. We still have a lot...
Time to review our IT management process. We have some work to do.
The Cybersecurity & Infrastructure Security Agency has a mandate for the print spooler service vulnerability. This mandate includes step by step instructions for fixing the vulnerability. For people like us, this is awesome!
PrintNightmare and the out of band patch forced us to change. We needed to evaluate the way we handle out of band patches. Fortunately for us, this wasn’t a big deal.
Time to look for a new job and brush up on my skills. Following Jason Blanchard’s tips on job hunting. I’m also trying to improve my SIEM skills. A skill that I’ve seen in a few job postings.
A couple episodes ago, we got to interview John Strand of Black Hills Information Security. He gave us a lot of really good information. In our last episode, we talked about the technical half of the interview. In this episode,...
In our last episode, we interviewed John Strand of Black Hills Information Security. Now it’s time to analyze what he said. For this episode, we’re looking at the technical side of the interview. We’re saving the training portion for another...
Yes, we got to interview John Strand from Black Hills Information Security. He was kind enough to donate his time. We covered first steps to improving security, best practice, tools and training.
We’re looking into version 8 of the Critical Security Controls.
This is episode 200. We’ve come a long way in 200 episodes.
We’ve been busy. We figured out how to push an emergency patch. Then version 8 of the CIS Critical Security Controls was released. Simplified and reorganized. We’re slowly working our way through the list. Lots to do.
I did a lot of work to get our VMware server environment configured. Turns out we’re running out of drive space.
Our VMware server is back online with new NVMe drives. This project was more work than we had planned for. Still, typical for an IT project. They never go the way you expect them to.
I wanted to “Release the hounds” with BloodHound. I managed to get it working. That’s about all I can say. It was way more work than I thought it would be.
Our VMware server is offline. We’re missing a part we need to install the drives. While we track that down, we need something to do. Planning labs, learning Visio, and project management are on the to-do list.
Time to do a security test of Active Directory. Going to be using BloodHound, PlumHound, Mimikatz and PingCastle. Never used them before. First time for everything.
Running into some issues with our VMware ESXi server. The not so good news, we don’t have enough drive space. The good news, we can fix that. The really good news, we have way more CPU power than I thought.
We just put up a tools section on our website. It’s a list of tools we use and some we would like to use. Most are security tools. Things you wouldn’t see outside of security.
Looks like we need to learn more about Windows Hello. Dorothy got locked out of her laptop. Couldn’t reset her Windows Hello pin.
We’re using our project management process to migrate to new iPhones. It might seem like a simple process. It isn’t. Not when you have to migrate authentication apps for 2FA. If we’re not careful, we could lock ourselves out...
We’re working on a project management process. Turns out we’ve been doing it wrong. A good book and a few simple steps is all we needed.
Our patch process is in place. Time to do a quick weekly patch review. We’ve got this process down to a couple of minutes. That’s it. That’s how long it takes us to review our patch process.
Our endpoint management process is awesome. We can push settings to Windows 10 and we’ve got patching under control. A weekly email tells us how we’re doing. We can manage our systems while sipping coffee.
It’s a new year with new goals. This year we’re focusing on IT management, Security and certifications. We’re also trying our best to finish our endpoint management project. We won’t be able to automate everything. Not yet anyway.
No break for us this year. We’re diving straight into workstation and laptop management. We’re doing this with Microsoft Endpoint Manager and Automox.
You wake up, the server’s down and there’s no DR plan. Good times! Nothing teaches you more than a disaster you weren’t prepared for. On the bright side, there’s SOC training to prep for.
How can Microsoft 365 Business Premium help us? How can it make our lives easier? Are there features we should be using? We migrated to 365. We got the basics working. Now it’s time to dig a little deeper.
The end of the year is right around the corner. Time to start thinking about next year. We’re also adding another tool to our toolkit.
Learning some interesting things about ITIL and Microsoft 365 conditional access. ITIL will help us organize Section 9. 365 conditional access will help us lock down Azure AD. This should make it harder for the hackers to get in.
This week we’re working on DR plans and Password Policies. The DR plan is for our DNS servers. We can’t afford to lose them. The password policy is about reducing risk with longer passwords. We’ve also got another tool for...
We don’t know much about 365 conditional access policies, but they look awesome. We’re also adding tools to the toolbox and deploying new devices. No rest for the crazy.
Our Microsoft 365 has failed logins from Russia. What do we do? Time for a risk assessment. We’re going to make our 365 more secure.
We’re talking about weekly tasks, 365 authentication issues, and training. On the training front we have ITIL 4, SOC and Windows 10.
This week we connected Jitibt to 365, found hidden licensing and learned how to be a SOC analyst. You can now contact us by sending email to [email protected].
We’re learning how to manage emergency accounts and data retention in 365. The good news, Microsoft has some pretty cool tools for data retention. The bad news, retention policies are a bit confusing.
We’re slowly creating our test environment for Microsoft 365. We’re also looking at ways we can backup 365. Slow and steady wins the race. We’re two people learning to be 365 admins. Breaking something could equal a lot of downtime....
We did it! We migrated to 365. There were a few bumps along the way. Nothing major. We’re doing a quick review of the process and next steps. We have to learn how to be 365 admins.
Time to prep for a long winter with Covid-19. We want a nice environment for IT projects and studying. We still need to finish our Windows 10 cert. We’ve got other Microsoft 365 certs to look at. I’m finally...
Yup, another 365 migration review. Overall we’re doing pretty good. We still need to make sure we’re moving in the right direction. Are we achieving our goals? What are our goals? How are we doing? How do we feel...
We’re starting over again. Yup! Two steps forward, one step back. This time it’s not so bad. We found more documentation on Microsoft 365. Based on this, we’ve decided to review the signup process. The only way to do that...
As the title says, we got it wrong. It happens. Unfortunately this is not a topic you want to get wrong.
We’re moving forward with our Microsoft 365 migration. Signed up for an account using the 365 Business Premium license. Set up admin accounts for ourselves. Getting ready to set up test accounts with Business Premium Licenses.
You can’t have a good security program without Policies and Procedures. We’re not the best at writing Policies. Truth is, we’re like most people. Where do I start? How do I write a policy? Lucky for us, there are resources out...
Another episode on migrating to Microsoft 365. Most organizations are using it. It’s almost a standard in the business world. Should we be using Microsoft 365? Can we?
Time to start thinking about our Critical Security Controls audit. This will include policies and procedures. We can’t avoid good documentation.
I’ve learned a little more about the CMMC. This is the Cybersecurity Maturity Model Certification. It applies to certain government contracts. A big part of the certification is documentation. If you don’t have it, you may not be CMMC compliant. This...
Lots to talk about in this episode. We’re using pfSense firewalls in our virtual lab environment. We’ve been documenting things on slab.com. And we’ve been evaluating cloud security.
Time to review the security of notion.so. They are responsible for protecting our data. We are responsible for putting it there. We need to make sure their security meets our requirements. If they don’t, we’ll have to look for a...
We’re taking a step back and focusing on documentation. We spend a lot of time looking things up. Time that could have been spent learning new things. Better documentation means less time spent looking things up. To help fix this...