network_defender ✭✭✭✭✭

Lately, my greatest fear is losing power to the datacenter. We have UPS, however the chillers for cooling don't always reset. Needless to say, we have had quite a few heat events. Management doesn't see it as a problem since we haven't had any expensive losses, yet.

Oddly enough, we are a DR site. We do the engineering for the other sites. If we dump, we just rebuild.

Good read

This sounds like it could be a lot of fun. Now to pick a theme to write towards.

We do spend a lot of money to accomplish very little.

So, does the chip\PIN used one modern credit and debit cards comply with PCI DSS 3.2?

Cool beans! This is always fun!

Cyber Monday doesn't seem to be such an item now. So many sites are having pre Cyber Monday sales that Cyber Monday has been rendered irrelevant. 

That's me in the back. No cameras allowed at work.

Pen testing Layer Eight. The higher you go in the OSI model, more attack vectors become available. Layer Eight (humans) are no exception. Pen test with phishing e-mails. If the user fails, they get remedial training. Whether the pass or fail, you can use this to further refine your Incident Handling process. 

From a security perspective, automate everything you can. This leaves more time for actual engineering.

More data gathering by Amazon?

Sometimes, bringing in an outside expert is well worth the effort. Setting up a virtual environment is no trivial task.

I truly enjoyed doing this.

passive-aggressive email phrasesSometimes they are needed. I have sent documentation to our lead engineer, only to have to resend is 3-4 times.

Sounds like not all departments have management buy in.

Thank you

I would have to agree with the slow and steady approach. How are training issues being addressed?

Agreed!! If it isn't in writing, it doesn't exist.

Those differing interpretations are often based on that person's motivations. Are they serious about securing the network, or are they just checking the check box?

At a DoD installation that will remain nameless, I was part of a team that was tasked with monitoring an intrusion. When we found the intrusion, we brought it up our chain of command. They took it up further and the word came down to monitor, not shut down. The data the intruder had access to was training data that was of…

As always, a very good read.

Just to help solidify the syntax in my brain, I went looking for Reset flags on the inner interface of my firewall. I found a pair of systems not communicating properly and was able to let the owners of the offending machines know. Thanks.

Same here. I know I am watching the store on my own network. The cloud requires me to trust someone else to do the same. Will they have the same diligence? The same focus?

Online for real time access, 30 days. Offline for 365.

Good write up.

Someday

The MVP write up was a little surprising. So much for Apple being the most secure.

Too many upper management restraints.

Yep. Tailor your monitoring to what you actually want to see.