PROACTIVE RISK
  • About
    • 800 lb Gorilla
    • Our Manifesto
    • Simple Agreements >
      • Mutual Confidentiality and Non Disclosure Agreement
      • Master Agreement | Work Order
    • BLOG
    • Capabilities Summary
    • Request Support
    • Contact Us
  • SOLUTIONS
    • Fractional CIO/CISO
    • Cyber Recruiter
    • Threat Modeling
    • Policies and Plans
    • MonitorIT®
    • Software Development
    • Domains | DNS
    • PhishIT®
    • MeasureRISK®
    • Vendor Risk
    • CATSCAN®
    • Physical Security
    • Backup Resiliency
    • ProtectIT®
    • ManageIT®
    • FINDIT® >
      • RAPTOR eDiscovery
  • RESOURCES
    • Tech News
    • Videos
    • Store
    • Guides | Tools
    • STAFF

GRAY BEARD BLOG

SHARING RANDOM THOUGHTS ON TECH

Windows 2019 in 2023?

1/27/2023

 
Here are some best practices for a small business that has purchased Microsoft Windows Server 2019:
  1. Plan your deployment: Before deploying Windows Server 2019, it is important to plan your infrastructure and determine your specific needs and requirements. This includes determining the number of servers you will need, the roles and features you will need to install, and the hardware and software requirements.
  2. Create a disaster recovery plan: It's important to have a disaster recovery plan in place to protect your data and systems in case of an unexpected event. This includes creating regular backups, testing your disaster recovery procedures, and having a plan in place for restoring services in case of an outage.
  3. Keep your server and software updated: Regularly updating your server and software can help to ensure that your systems are secure and running optimally. This includes patching your server, updating your antivirus software, and ensuring that your software is compatible with Windows Server 2019.
  4. Monitor your server's performance: Regularly monitoring your server's performance can help you identify and resolve issues before they become critical. This includes monitoring your server's CPU, memory, and disk usage, as well as monitoring your network's performance.
  5. Secure your server: Windows Server 2019 has many built-in security features that can help protect your server from external threats. This includes implementing firewalls, using a strong password policy, and encrypting your data.
  6. Train your IT team: Windows Server 2019 is a powerful and complex operating system that requires knowledge and skill to manage effectively. It's important to provide training to your IT team to ensure they have the necessary knowledge and skills to manage and maintain your server.
By following these best practices, you can help ensure that your Windows Server 2019 deployment is successful and that your small business is protected from potential security risks.  If you can get Windows Server 2022 the same rules apply. ​Notable differences between Window Server 2019 and Window Server 2022 include increased host memory from 24TB to 48TB. The Maximum Logical CPUs have also increased from 512 to 2048.

Got Unified security yet?

1/22/2023

 
Physical and logical security convergence refers to the integration of traditional physical security measures (such as cameras, locks, and alarms) with computer-based security systems (such as network security, access control, and surveillance). This convergence allows for a more comprehensive and holistic approach to security, as it allows organizations to better protect their assets and personnel by considering both the physical and digital realms.

One of the main benefits of physical and logical security convergence is that it allows for better information sharing between different security systems. For example, an access control system can be integrated with a video surveillance system, so that if a door is opened without proper authorization, a video of the event can be automatically recorded. This can help organizations quickly identify and respond to security breaches.

Another benefit of physical and logical security convergence is that it allows for more efficient use of resources. By integrating different security systems, organizations can reduce the number of separate devices and systems that need to be managed and maintained. This can help lower costs and reduce the risk of system failures.

One of the main challenges of physical and logical security convergence is that it can be difficult to achieve. This is because different security systems are often developed by different vendors and use different protocols and standards. This can make it difficult to integrate different systems together, and can lead to compatibility issues.
Another challenge of physical and logical security convergence is that it can be difficult to manage. This is because as more systems are integrated, the number of variables that need to be considered can increase, making it more difficult to identify and respond to security breaches.
​
Overall, physical and logical security convergence can provide a more comprehensive and holistic approach to security, allowing organizations to better protect their assets and personnel. However, it can be difficult to achieve and manage, and requires careful planning and execution to be successful.

Going Virtual with VMWARE, TIPS

1/19/2023

 
VMWare ESXi is a popular virtualization platform for running multiple Windows servers, including Active Directory, file, and print services. Here are some best practices for setting up a VMWare ESXi system for this purpose:
  1. Hardware requirements: Ensure that the hardware on which the VMWare ESXi system is running meets the minimum requirements for the number of virtual machines you plan to run.
  2. Network design: Design the network infrastructure to ensure that the virtual machines have access to the necessary resources and that there is enough bandwidth to support the workload.
  3. Virtual machine configuration: Configure the virtual machines with the necessary resources, such as CPU, memory, and storage, to ensure that they perform well.
  4. Active Directory: When setting up Active Directory, ensure that the domain controllers are properly configured and that there are enough of them to provide redundancy and failover.
  5. File and print services: When setting up file and print services, ensure that the virtual machines have access to the necessary storage and that the storage is properly configured for optimal performance.
  6. Backup and recovery: Implement a backup and recovery strategy to ensure that the virtual machines can be restored in case of a disaster.
  7. Security: Implement security measures, such as firewalls and intrusion detection systems, to protect the virtual machines from cyber threats.
  8. Monitoring and reporting: Implement monitoring and reporting tools to keep track of the performance of the virtual machines and the VMWare ESXi system.
By following these best practices, you can set up a VMWare ESXi system that can effectively run multiple Windows servers, including Active Directory, file, and print services, and ensure that they perform well and are secure.

Meraki setup tips

1/19/2023

 
Cisco Meraki is a cloud-managed networking solution that provides a wide range of features and functionalities to help organizations manage their networks. The best practice for configuring Cisco Meraki depends on the specific needs and requirements of the organization. However, there are some general guidelines that can be followed to ensure that the configuration is secure and efficient.
  1. Start by planning the network architecture and layout: Before making any changes to the network, it is important to have a clear understanding of the organization's needs and requirements. This includes identifying the number of devices and users that will be connected to the network, as well as the locations of these devices and users.
  2. Set up a VLAN (Virtual Local Area Network) structure: VLANs are used to segment the network and provide more granular control over network access. This can be used to create different networks for different departments or groups of users, and to provide additional security by isolating different parts of the network.
  3. Configure firewalls: Cisco Meraki firewalls provide advanced security features that can help protect the network from external threats. It is important to configure the firewall settings to match the organization's security policies and requirements.
  4. Use wireless access points: Cisco Meraki wireless access points provide a range of features that can be used to optimize the wireless network. This includes setting up wireless SSIDs, configuring wireless security settings, and implementing wireless-specific policies.
  5. Implement Network Access Control (NAC): NAC is a security feature that can be used to control access to the network based on the user's device and network status. This can be used to ensure that only authorized devices are able to connect to the network.
  6. Use VPNs: Virtual Private Networks (VPNs) can be used to provide secure remote access to the network. Cisco Meraki provides several options for VPNs, including client VPN and site-to-site VPN.
  7. Monitor and troubleshoot: Cisco Meraki provides a range of tools that can be used to monitor and troubleshoot the network. This includes real-time network monitoring, network analytics, and troubleshooting tools.
  8. Keep Software and Firmware updated: Keeping the software and firmware updated ensures that the devices have the latest security patches and features.
By following these best practices, organizations can ensure that their Cisco Meraki configuration is secure and efficient. Keep in mind that the best practice may vary depending on the specific needs and requirements of the organization.

SONICWALL FIREWALL BEST PRACTICES

1/19/2023

 
A SonicWall firewall can be configured for optimum security by following these best practices:
  1. Enable the SonicWall Security Services: Enable the SonicWall Intrusion Prevention Service (IPS), Gateway Anti-Virus (GAV), Anti-Spyware (AS), and Application Control (App Ctrl) services to provide comprehensive protection against known and unknown threats.
  2. Create security policies: Create security policies that define how traffic is handled, including access control, encryption, and authentication. These policies should be based on the principle of least privilege, allowing only the necessary access.
  3. Use multiple levels of security: Use multiple levels of security, including firewalls, intrusion prevention, and VPNs to provide defense in depth. This will help to protect against known and unknown threats and reduce the risk of a successful attack.
  4. Keep the firmware up-to-date: Keep the firmware up-to-date to ensure that the firewall has the latest security patches and features. This will help to protect against known vulnerabilities and newly discovered threats.
  5. Use strong passwords: Use strong passwords for all administrative accounts and change them frequently. Passwords should be at least eight characters long and include a mix of letters, numbers, and special characters.
  6. Use two-factor authentication: Use two-factor authentication (2FA) to provide an additional layer of security for remote access. This will help to protect against unauthorized access and reduce the risk of a successful attack.
  7. Monitor and log network activity: Monitor and log network activity to detect suspicious activity and to identify potential security breaches. This will help to identify potential threats and to respond quickly to any security incidents.
  8. Regularly backup the configuration: Regularly backup the configuration of the firewall to ensure that it can be quickly and easily restored in the event of a failure or security incident.
  9. Regularly test the security: Regularly test the security of the firewall by performing vulnerability scans and penetration tests. This will help to identify potential vulnerabilities and to ensure that the firewall is providing the level of protection required.
  10. Have an incident response plan: Have a well-defined incident response plan in place to ensure that security incidents are handled quickly and effectively. This plan should include procedures for identifying, containing, and resolving security incidents.
It is important to remember that security configuration is an ongoing process and should be regularly reviewed and updated to ensure that it remains effective against new and emerging threats. Furthermore, a security audit by a professional should be performed periodically to ensure that the firewall is configured correctly and that all the best practices are followed.

POWERSHELL

1/19/2023

 
icrosoft PowerShell is a powerful tool that can be used to automate various tasks in Azure, including the creation of users. One way to create multiple users in an Azure tenant is by using a .csv file that contains the necessary information for each user. In this tutorial, we will walk through the steps of using PowerShell to create users in an Azure tenant from a .csv file.
  1. First, open the PowerShell ISE and connect to your Azure tenant by running the command Connect-AzAccount. You will be prompted to enter your Azure credentials.
  2. Next, create a new .csv file that contains the necessary information for the users you want to create. The .csv file should have the following headers: "UserName", "Password", "DisplayName", and "MailNickname". Each row should contain the information for a single user.
  3. Import the .csv file into PowerShell by running the command $users = Import-Csv -Path "path\to\file.csv". Replace "path\to\file.csv" with the actual path to your .csv file.
  4. Loop through each user in the .csv file using the command foreach ($user in $users).
  5. Within the loop, create a new Azure AD user by running the command New-AzADUser -UserPrincipalName $user.UserName -DisplayName $user.DisplayName -MailNickName $user.MailNickname -AccountEnabled $true -Password (ConvertTo-SecureString -String $user.Password -AsPlainText -Force)
  6. End the loop by running }
  7. Run the script and it will create users in your azure tenant.
Note: Make sure that you are running these commands in Azure AD PowerShell module and also that you have the necessary permissions to create users in your Azure tenant.
By following these steps, you can use PowerShell to automate the creation of multiple users in an Azure tenant from a .csv file. This can save a lot of time and effort compared to manually creating each user, especially if you need to create a large number of users.

Trust your providers

1/19/2023

 
When it comes to security, it's important for businesses to trust their service providers. Accreditation is a way for businesses to ensure that their service providers are meeting industry standards and that they are providing high-quality services.
​
One of the main reasons why businesses should buy security services from accredited service providers is that these providers have been independently vetted by a third party. This means that they have been assessed against a set of standards and have been found to meet or exceed those standards. This provides businesses with a level of assurance that they are working with a reputable and trustworthy provider.

Another reason why businesses should buy security services from accredited service providers is that these providers have a proven track record of success. Accreditation is not a one-time event; it must be renewed on a regular basis, meaning that providers must continuously meet the standards in order to maintain their accreditation. This means that businesses can trust that their providers have the necessary experience and expertise to provide high-quality security services.

Accreditation can also help businesses ensure that their service providers are keeping up with the latest technology and industry developments. Accreditation bodies often require providers to demonstrate that they are using the latest technology and that they are staying up-to-date with industry trends. This helps businesses ensure that their service providers are providing the most current and effective security solutions.

Moreover, Accreditation also ensures that the service providers are adhering to the regulations, laws and compliance requirement that are specific to the industry or sector they are operating in. This is especially important for businesses that operate in regulated industries, such as financial services or healthcare, where compliance with regulations is critical to maintaining the trust of customers and stakeholders.
​
Additionally, Accreditation also helps in building trust with the customers and partners. When a business is working with an accredited security service provider, it sends a message to its customers and partners that the business takes security seriously and that it is committed to protecting its own and its customers' assets and sensitive information.

In summary, businesses should buy security services from accredited service providers because these providers have been independently vetted, have a proven track record of success, are keeping up with the latest technology and industry developments, adhering to the regulations, laws and compliance requirements and also helps in building trust with the customers and partners. Accreditation is an important way for businesses to ensure that they are working with reputable and trustworthy providers and that they are getting the high-quality security services they need to protect their assets and personnel.

Got a PROCEDURE FOR PROTECTING INTELLECTUAL PROPERTY (SOFTWARE)?

1/19/2023

 


  1. Conduct a thorough assessment of your intellectual property: Identify all the software and related materials that you consider to be your intellectual property. This includes any source code, documentation, and other related materials.
  2. Secure your source code: Keep your source code in a secure location, such as a password-protected server or cloud storage. Limit access to the source code to only those individuals who need it to perform their job functions.
  3. Use non-disclosure agreements (NDAs): Have all employees, contractors, and third-party vendors sign NDAs to protect your intellectual property. This will help to prevent accidental or intentional disclosures of your software or related materials.
  4. Protect your software with encryption: Use encryption to protect your software from unauthorized access and use. This will help to prevent piracy and unauthorized distribution of your software.
  5. Implement access controls: Implement access controls to limit who can access your software and related materials. This includes setting up user accounts, role-based access, and logging activities.
  6. Use watermarking: Use watermarking to protect your software from piracy and unauthorized distribution. Watermarking allows you to identify the source of an unauthorized copy of your software.
  7. Conduct regular audits: Conduct regular audits to ensure that your intellectual property is being protected. This includes reviewing access logs, testing your software for vulnerabilities, and reviewing NDAs to ensure compliance.
  8. Seek legal protection: Consider seeking legal protection for your intellectual property, such as patents, trademarks, and copyrights. This will give you legal remedies if your intellectual property is infringed upon.
  9. Keep records: Keep records of all activities related to your intellectual property, including NDAs, access logs, and any legal protection obtained.
  10. Continuously review and update: Continuously review and update your intellectual property protection procedures to ensure they are in line with current laws and best practices.

Windows active directory tips

1/18/2023

 
Active Directory (AD) is a critical component of any Windows Server environment, and proper configuration is essential for efficient administration. Here are some best practices for configuring Windows Server 2019 Active Directory for administration:
  1. Implement Group Policy Objects (GPOs): GPOs are used to centrally manage and configure settings for users and computers within the AD domain. GPOs can be used to enforce security policies, configure software settings, and manage user accounts.
  2. Use Organizational Units (OUs): OUs are used to organize and structure the AD environment. By creating OUs for different departments, teams, or groups of users, administrators can more easily manage and apply GPOs and permissions.
  3. Utilize Active Directory Users and Computers: This tool is used to manage the user and computer accounts within the AD domain. This tool allows administrators to create, delete, and manage accounts, as well as assign permissions and group membership.
  4. Utilize Active Directory Domains and Trusts: This tool is used to manage the AD domain structure and trust relationships between domains.
  5. Implement a backup and recovery strategy: Regularly backing up AD is crucial to ensure that the organization's data can be recovered in case of an emergency.
  6. Use Active Directory Administrative Center: This is a new feature of Windows Server 2019 that provides a modern, web-based interface for managing AD. It allows administrators to perform common AD tasks such as creating and managing user and computer accounts, managing GPOs, and monitoring the health of the AD environment.
  7. Utilize Role-Based Access Control (RBAC): RBAC allows administrators to assign different roles and permissions to different users and groups, making it easier to delegate responsibilities and manage access to resources.
  8. Use Global Access Groups: Global access groups are used to manage access to resources across the entire AD forest. This can be used to more easily manage access to resources such as servers, printers, and applications.
  9. Regularly check for security vulnerabilities: Regularly check for security vulnerabilities and apply the necessary patches and updates to keep your AD environment secure.
By following these best practices, organizations can ensure that their Windows Server 2019 Active Directory is configured for efficient administration, while also maintaining a high level of security. It's important to note that the best practice may vary depending on the specific needs and requirements of the organization.

SMB 10 things for 2023

1/16/2023

 
Small businesses are increasingly becoming the target of cyber attacks, making it important for them to take steps to protect themselves from hackers and social engineers.

​Here are 10 things that small businesses can do to protect themselves:
  1. Implement strong passwords: Use strong and unique passwords for all accounts, and require employees to do the same.
  2. Use two-factor authentication: Implementing two-factor authentication can add an extra layer of security to protect against hackers.
  3. Keep software and systems up-to-date: Regularly update software and systems to ensure that security vulnerabilities are patched.
  4. Use a firewall: Firewalls can help prevent unauthorized access to a business's network and protect against cyber attacks.
  5. Train employees on security best practices: Educate employees on how to identify and avoid phishing scams, social engineering tactics, and other cyber threats.
  6. Regularly back up important data: Regularly back up important data to ensure that it can be recovered in case of a cyber attack.
  7. Use anti-virus and anti-malware software: Use anti-virus and anti-malware software to protect against malware and other malicious software.
  8. Limit access to sensitive information: Limit access to sensitive information to only those employees who need it to perform their job duties.
  9. Use a VPN: Use a virtual private network (VPN) to encrypt communications and protect against cyber attacks.
  10. Have an incident response plan: Have an incident response plan in place to respond quickly and effectively in case of a cyber attack.
By following these best practices, small businesses can take steps to protect themselves from hackers and social engineers. It's important to remember that cyber threats are constantly evolving, so it's crucial for small businesses to regularly review and update their security measures.
<<Previous
Forward>>

    Tom Brennan

    This is my blog, there are many like it but this one is mine. Enjoy.

    View my profile on LinkedIn

    BLOG Archives

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    August 2022
    April 2022
    August 2021
    March 2021
    January 2021
    August 2020

    Categories

    All
    CMMC
    COMMUNITY
    TECHTIP

    RSS Feed

Contact Info

Proactive Risk Inc.
Tel: +1 (973) 298-1160
Web: www.proactiverisk.com
eMail: sales(at)proactiverisk.com

CONTACT US
Picture
© COPYRIGHT 2023. ALL RIGHTS RESERVED.
  • About
    • 800 lb Gorilla
    • Our Manifesto
    • Simple Agreements >
      • Mutual Confidentiality and Non Disclosure Agreement
      • Master Agreement | Work Order
    • BLOG
    • Capabilities Summary
    • Request Support
    • Contact Us
  • SOLUTIONS
    • Fractional CIO/CISO
    • Cyber Recruiter
    • Threat Modeling
    • Policies and Plans
    • MonitorIT®
    • Software Development
    • Domains | DNS
    • PhishIT®
    • MeasureRISK®
    • Vendor Risk
    • CATSCAN®
    • Physical Security
    • Backup Resiliency
    • ProtectIT®
    • ManageIT®
    • FINDIT® >
      • RAPTOR eDiscovery
  • RESOURCES
    • Tech News
    • Videos
    • Store
    • Guides | Tools
    • STAFF