Geek Speak Blogs

cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Geek Speak Blogs

Level 13

Here’s an interesting article by my colleague Head Geek Sascha Giese discussing how organizations can support the ever-increasing mobile workforce in the public sector.

Read more...

Read more
0 0 39
Level 13

I really liked this piece by SolarWinds VP of Product Strategy Craig McDonald. It reviews different monitoring strategies to support various cloud deployment methods and advice using an application centric approach.

Read more...

Read more
0 0 87
Level 13

This piece by SolarWinds VP of Product Strategy Brandon Shopp discusses details about audit logs and how they help with troubleshooting, identifying, and remediating network vulnerabilities.

Read more...

Read more
0 0 99
Level 13

Here’s an interesting article by my colleague Jim Hansen discussing complexities of securing hybrid data centers. Monitoring on-premises and cloud components with different tools doesn’t work and Jim has some good suggestions for managing this increasingly common situation.

Read more...

Read more
0 0 93
Level 13

I really liked this piece by SolarWinds VP of Product Strategy Brandon Shopp reviewing how the esports revolution is impacting schools and how bandwidth monitoring, network segmentation, and security considerations can be managed for improved performance.

Read more...

Read more
0 0 99
Level 13

Here’s an interesting article by my colleague Brandon Shopp discussing strategies for securing the tactical edge with suggestions such as network segmentation, working with device vendors for device data, and end user education.

Read more...

Read more
0 0 94
Level 13

I really liked this piece by SolarWinds VP of Product Strategy Brandon Shopp. It reviews mobile security threats and tips for combating evolving threats, improving endpoint security and access rights management, educating end users, and enforcing mobile policies.

Read more...

Read more
0 1 128
Level 13

Here’s an interesting article by my colleague Brandon Shopp discussing details about improving endpoint security to protect school networks and data.

Read more...

Read more
0 2 143
Level 13

Here’s an interesting article by my colleague Brandon Shopp where he reviews the DOD cloud strategy and how they plan to use artificial intelligence and machine learning for Information Dominance.

Read more...

Read more
1 1 123
Level 13

Here’s an interesting article by my colleague Brandon Shopp discussing the Federal Government’s cloud smart strategy with suggestions on how to achieve needed improvements.

Read more...

Read more
0 0 148
Level 13

Here’s an interesting article by my colleague Jim Hansen reviewing some of the security issues involved with government contractors. We also discuss findings from last year’s cyber survey about what agencies are doing to reduce these threats.

Read more...

Read more
0 0 135
Level 13

Here’s an interesting article by my colleague Brandon Shopp discussing the fed’s effective use of frameworks and how this methodology can be adopted by other organizations.

Read more...

Read more
0 0 135
Level 13

Here’s an interesting article by my colleague Craig McDonald reviewing cloud and software-defined data center adoption across government. Everything seems to be trending towards software-defined these days.

Read more...

Read more
0 1 112
Level 13

Here’s an interesting article by my colleague Mav Turner, who offers suggestions for scaling monitoring to support large complex networks.

Read more...

Read more
0 2 142
Level 17

This edition of the Actuator comes to you from my kitchen, where I'm enjoying some time at home before I hit the road. I'll be at RSA next week, then Darmstadt, Germany the following week. And then I head to Seattle for the Microsoft MVP Summit. This is all my way of saying future editions of the Actuator may be delayed. I'll do my best, but I hope you understand.

As always, here's a bunch of links I hope you will find useful. Enjoy!

It doesn’t matter if China hacked Equifax

No, it doesn't, because the evidence suggests China was but one of many entities that helped themselves to the data Equifax was negligent in guarding.

Data centers generate the same amount of carbon emissions as global airlines

Machine learning, and bitcoin mining, are large users of power in any data center. This is why Microsoft has announced they'll look to be carbon neutral as soon as possible.

Delta hopes to be the first carbon neutral airline

On the heels of Microsoft's announcement, seeing this from Delta gives me hope many other companies will take action, and not issue press releases only.

Apple’s Mac computers now outpace Windows in malware and virus

Nothing is secure. Stay safe out there.

Over 500 Chrome Extensions Secretly Uploaded Private Data

Everything is terrible.

Judge temporarily halts work on JEDI contract until court can hear AWS protest

This is going to get ugly to watch. You stay right there, I'll go grab the popcorn.

How to Add “Move to” or “Copy to” to Windows 10’s Context Menu

I didn't know I needed this until now, and now I'm left wondering how I've lived so long without this in my life.

Our new Sunday morning ritual is walking through Forest Park. Each week we seem to find something new to enjoy.

048F2408-CFE5-4464-8C7A-842A9FFC1832.GIF

Read more
3 27 1,175
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by Brandon Shopp about DoD’s not-so-secret weapon against cyberthreats. DISA has created technical guidelines that evolve to help keep ahead of threats, and this blog helps demystify DISA STIGs.

The Defense Information Systems Agency (DISA) has a set of security regulations to provide a baseline standard for Department of Defense (DoD) networks, systems, and applications. DISA enforces hundreds of pages of detailed rules IT pros must follow to properly secure or “harden” the government computer infrastructure and systems.

If you’re responsible for a DoD network, these STIGs (Security Technical Implementation Guides) help guide your network management, configuration, and monitoring strategies across access control, operating systems, applications, network devices, and even physical security. DISA releases new STIGs at least once every quarter. This aggressive release schedule is designed to catch as many recently patched vulnerabilities as possible and ensure a secure baseline for the component in operation.

How can a federal IT pro get compliant when so many requirements must be met on a regular basis? The answer is automation.

First, let’s revisit STIG basics. The DoD developed STIGs, or hardening guidelines, for the most common components comprising agency systems. As of this writing, there are nearly 600 STIGs, each of which may comprise hundreds of security checks specific to the component being hardened.

A second challenge, in addition to the cost of meeting STIG requirements, is the number of requirements needing to be met. Agency systems may be made up of many components, each requiring STIG compliance. Remember, there are nearly 600 different versions of STIGs, some unique to a component, some targeting specific release versions of the component.

Wouldn’t it be great if automation could step in and solve the cost challenge while saving time by building repeatable processes? That’s precisely what automation does.

  • Automated tools for Windows servers let you test STIG compliance on a single instance, test all changes until approved, then push out those changes to other Windows servers via Group Policy Object (GPO) automation. Automated tools for Linux permit a similar outcome: test all changes due to STIG compliance and then push all approved changes as a tested, secure baseline out to other servers
  • Automated network monitoring tools digest system logs in real time, create alerts based on predefined rules, and help meet STIG requirements for Continuous Monitoring (CM) security controls while providing the defense team with actionable response guidance
  • Automated device configuration tools can continuously monitor device configurations for setting changes across geographically dispersed networks, enforcing compliance with security policies, and making configuration backups useful in system restoration efforts after an outage
  • Automation also addresses readability. STIGs are released in XML format—not the most human-readable form for delivering data. Some newer automated STIG compliance tools generate easy-to-read compliance reports useful for both security management and technical support teams

If you’re a federal IT pro within a DoD agency, you have an increasing number of requirements to satisfy. Let automation take some of the heavy lifting when it comes to compliance, so you and your team can focus on more pressing tasks.

Find the full article on Government Technology Insider.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
1 12 784
Level 17

This week's Actuator comes to you from Austin, as I'm in town to host SolarWinds Lab live. We'll be talking about Database Performance Monitor (nee VividCortex). I hope you find time to watch and bring questions!

As always, here's a bunch of links I hope you find useful. Enjoy!

First clinical trial of gene editing to help target cancer

Being close to the biotech industry in and around Boston, I heard rumors of these treatments two years ago. I'm hopeful our doctors can get this done, and soon.

What Happened With DNC Tech

Twitter thread about the tech failure in Iowa last week.

Analysis of compensation, level, and experience details of 19K tech workers

Wonderful data analysis on salary information. Start at the bottom with the conclusions, then decide for yourself if you want to dive into the details above.

Things I Believe About Software Engineering

There's some deep thoughts in this brief post. Take time to reflect on them.

Smart Streetlights Are Experiencing Mission Creep

Nice reminder that surveillance is happening all around us, in ways you may never know.

11 Reasons Not to Become Famous (or “A Few Lessons Learned Since 2007”)

A bit long, but worth the time. I've never been a fan of Tim or his book, but this post struck a chord.

Berlin artist uses 99 phones to trick Google into traffic jam alert

Is it wrong that I want to try this now?

I think I understand why they never tell me anything around here...

Read more
1 17 781
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Mav Turner with ideas about how the government could monitor and automate their hyperconverged infrastructure to help achieve their modernization objectives.

It’s no surprise hyperconverged infrastructure (HCI) has been embraced by a growing number of government IT managers, since HCI merges storage, compute, and networking into a much smaller and more manageable footprint.

As with any new technology, however, HCI’s wide adoption can be slowed by skeptics, such as IT administrators concerned with interoperability and implementation costs. However, HCI doesn’t mean starting from scratch. Indeed, migration is best achieved gradually, with agencies buying only what they need, when they need it, as part of a long-term IT modernization plan.

Let’s take a closer look at the benefits HCI provides to government agencies, then examine key considerations when it comes to implementing the technology—namely, the importance of automation and infrastructure monitoring.

Combining the Best of Physical and Virtual Worlds

Enthusiasts like HCI giving them the performance, reliability, and availability of an on-premises data center along with the ability to scale IT in the cloud. This flexibility allows them to easily incorporate new technologies and architectures into the infrastructure. HCI also consolidates previously disparate compute, networking, and storage functions into a single, compact data center.

Extracting Value Through Monitoring and Automation

Agencies are familiar with monitoring storage, network, and compute as separate entities; when these functions are combined with HCI, network monitoring is still required. Indeed, having complete IT visibility becomes more important as infrastructure converges.

Combining different services into one is a highly complex task fraught with risk. Things change rapidly, and errors can easily occur. Managers need clear insight into what’s going on with their systems.

After the initial deployment is complete monitoring should continue unabated. It’s vital for IT managers to understand the impact apps, services, and integrated components have on each other and the legacy infrastructure around them.

Additionally, all these processes should be fully automated. Autonomous workload acceleration is a core HCI benefit. Automation binds HCI components together, making them easier to manage and maintain—which in turn yields a more efficient data center. If agencies don’t spend time automating the monitoring of their HCI, they’ll run the risk of allocating resources or building out capacity they don’t need and may expose organizational data to additional security threats.

Investing in the Right Technical Skills

HCI requires a unique skillset. It’s important they invest in technical staff with practical HCI experience and the knowledge to effectively implement infrastructure monitoring and automation capabilities. These experts will be critical in helping agencies take advantage of the vast potential this technology has to offer.

Reaping the Rewards of HCI

Incorporating infrastructure monitoring and automation into HCI implementation plans will enable agencies to reap the full rewards: lower total cost of IT ownership thanks to simplified data center architecture, consistent and predictable performance, faster application delivery, improved agility, IT service levels accurately matched to capacity requirements, and more.

There’s a lot of return for simply applying the same level of care and attention to monitoring HCI as traditional infrastructure.

Find the full article on Government Computer News.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
0 5 583
Level 17

This week's Actuator comes to you from New England where it has been 367 days since our team last appeared in a Super Bowl. I'm still not ready to talk about it, though.

As always, here's a bunch of links I hope you find interesting. Enjoy!

97% of airports showing signs of weak cybersecurity

I would have put the number closer to 99%.

Skimming heist that hit convenience chain may have compromised 30 million cards

Looks like airports aren't the only industry with security issues.

It’s 2020 and we still have a data privacy problem

SPOILER ALERT: We will always have a data privacy problem.

Don’t be fooled: Blockchains are not miracle security solutions

No, you don't need a blockchain.

Google’s tenth messaging service will “unify” Gmail, Drive, Hangouts Chat

Tenth time is the charm, right? I'm certain this one will be the killer messaging app they have been looking for. And there's no way once it gets popular they'll kill it, either.

A Vermont bill would bring emoji license plates to the US

Just like candy corn, here's something else no one wants.

For the game this year I made some pork belly bites in a garlic honey soy sauce.

pastedImage_6.png

Read more
0 20 960
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Jim Hansen reviewing data from our cybersecurity survey, including details on how agencies are combatting threats.

According to a 2019 Federal Cybersecurity Survey released last year by IT management software company SolarWinds, careless and malicious insiders topped the list of security threats for federal agencies. Yet, despite the increased threats, federal IT security pros believe they’re making progress managing risk.

Why the positive attitude despite the increasing challenge? While threats may be on the rise, strategies to combat these threats—such as government mandates, security tools, and best practices—are seeing vast improvements.

Greater Threat, Greater Solutions

According to the Cybersecurity Survey, 56% of respondents said the greatest source of security threats to federal agencies is careless and/or untrained agency insiders; 36% cited malicious insiders as the greatest source of security threats.

Most respondents cited numerous reasons why these types of threats have improved or remained in control, from policy and process improvements to better cyberhygiene and advancing security tools.

•Policy and process improvements: 58% of respondents cited “improved strategy and processes to apply security best practices” as the primary reason careless insider threats have improved.

•Basic security hygiene: 47% of respondents cited “end-user security awareness training” as the primary reason careless insider threats have improved.

•Advanced security tools: 42% of respondents cited “intrusion detection and prevention tools” as the primary reason careless insider threats have improved.

“NIST Framework for Improving Critical Infrastructure Cybersecurity” topped the list of the most critical regulations and mandates, with FISMA (Federal Information Security Management Act) and DISA STIGs (Security Technical Implementation Guides) following close behind, at 60%, 55%, and 52% of respondents, respectively, citing these as the primary contributing factor in managing agency risks.

There’s also no question the tools and technologies to help reduce risk are advancing quickly; this was evidenced by the number of tools federal IT security pros rely on to ensure a stronger security posture within their agencies. The following are the tools cited, and the percentage of respondents saying these are their most important technologies in their proverbial tool chest:

•Intrusion detection and prevention tools 42%

•Endpoint and mobile security 34%

•Web application firewalls 34%

•Fire and disk encryption 34%

•Network traffic encryption 34%

•Web security or web content filtering gateways 33%

•Internal threat detection/intelligence 30%

Training was deemed the most important factor in reducing agency risk, particularly when it comes to reducing risks associated with contractors or temporary workers:

•53% cited “ongoing security training” as the most important factor

•49% cited “training on security policies when onboarding” as the most important factor

•44% cited “educate regular employees on the need to protect sensitive data” as the most important factor

Conclusion

Any federal IT security pro will tell you although things are improving, there’s no one answer or one solution. The most effective way to reduce risk is a combination of tactics, from implementing ever-improving technologies to meeting federal mandates to ensuring all staffers are trained in security best practices.

Find the full article on our partner DLT’s blog Technically Speaking.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
1 15 989
Level 17

This week's Actuator comes to you from the suddenly mild January here in the Northeast. I'm taking advantage of the warm and dry days up here, spending time walking outdoors. Being outdoors is far better than the treadmill at the gym.

As always, here's a bunch of links from the internet I hope you will find useful. Enjoy!

Jeff Bezos hack: Amazon boss's phone 'hacked by Saudi crown prince'

I don't know where to begin. Maybe we can start with the idea that Bezos uses WhatsApp, an app known to be unsecured and owned by the unsecured Facebook. I'm starting to think he built a trillion-dollar company by accident, not because he's smart.

New Ransomware Process Leverages Native Windows Features

This is notable, but not new. Ransomware often uses resources available on the machine to do damage. For example, VB macros embedded in spreadsheets. I don't blame Microsoft for saying they won't provide security service for this, but it would be nice if they could hint at finding ways to identify and halt malicious activity.

London facial recognition: Metropolitan police announces new deployment of cameras

Last week the EU was talking about a five-year ban on facial recognition technology. Naturally, the U.K. decides to double down on their use of that same tech. I can't help but draw the conclusion this shows the deep divide between the U.K. and the EU.

Security Is an Availability Problem

I'm not certain, but I suspect many business decision-makers tend to think "that can't happen to us," and thus fail to plan for the day when it does happen to them.

Apple's dedication to 'a diversity of dongles' is polluting the planet

Words will never express my frustration with Apple for the "innovation" of removing a headphone jack and forcing me to buy additional hardware to continue to use my existing accessories.

Webex flaw allowed anyone to join private online meetings - no password required

The last thing I'm doing during the day is trying to join *more* meetings.

Play Dungeons & Deadlines

You might want to set aside some time for this one.

Walking through Forest Park this past Sunday, after a rainstorm the day before and the temperature so perfect to catch the steam coming off the trees.

pastedImage_0.png

Read more
2 34 1,358
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by Jim Hansen about using patching, credential management, and continuous monitoring to improve security of IoT devices.

Security concerns over the Internet of Things (IoT) are growing, and federal and state lawmakers are taking action. First, the U.S. Senate introduced the Internet of Things Cybersecurity Improvement Act of 2017, which sought to “establish minimum security requirements for federal procurements of connected devices.” More recently, legislators in the state of California introduced Senate Bill No. 327, which stipulated manufacturers of IoT devices include “a reasonable security feature” within their products.

While these laws are good starting points, they don’t go far enough in addressing IoT security concerns.

IoT Devices: A Hacker’s Best Friend?

Connected devices all have the potential to connect to the internet and local networks and, for the most part, were designed for convenience and speed—not security. And since they’re connected to the network, they offer a backdoor through which other solutions can be easily compromised.

As such, IoT devices offer tantalizing targets for hackers. A single exploit from one connected device can lead to a larger, more damaging breach. Remember the Target hack from a few years ago? Malicious attackers gained a foothold into the retail giant’s infrastructure by stealing credentials from a heating and air condition company whose units were connected to Target’s network. It’s easy to imagine something as insidious—and even more damaging to national security—taking place within the Department of Defense or other agencies, which has been an early adopter of connected devices.

Steps for Securing IoT Devices

When security managers initiate IoT security measures, they’re not only protecting their devices, they’re safeguarding everything connected to those devices. Therefore, it’s important to go beyond the government’s baseline security recommendations and embrace more robust measures. Here are some proactive steps government IT managers can take to lock down their devices and networks.

  • Make patching and updating a part of the daily routine. IoT devices should be subject to a regular cadence of patches and updates to help ensure the protection of those devices against new and evolving vulnerabilities. This is essential to the long-term security of connected devices.

The Internet of Things Cybersecurity Improvement Act of 2017 specifically requires vendors to make their IoT devices patchable, but it’s easy for managers to go out and download what appears to be a legitimate update—only to find it’s full of malware. It’s important to be vigilant and verify security packages before applying them to their devices. After updates are applied, managers should take precautions to ensure those updates are genuine.

  • Apply basic credential management to interaction with IoT devices. Managers must think differently when it comes to IoT device user authentication and credential management. They should ask, “How does someone interact with this device?” “What do we have to do to ensure only the right people, with the right authorization, are able to access the device?” “What measures do we need to take to verify this access and understand what users are doing once they begin using the device?”

Being able to monitor user sessions is key. IoT devices may not have the same capabilities as modern information systems, such as the ability to maintain or view log trails or delete a log after someone stops using the device. Managers may need to proactively ensure their IoT devices have these capabilities.

  • Employ continuous threat monitoring to protect against attacks. There are several common threat vectors hackers can use to tap into IoT devices. SQL injection and cross-site scripting are favorite weapons malicious actors use to target web-based applications and could be used to compromise connected devices.

Managers should employ IoT device threat monitoring to help protect against these and other types of intrusions. Continuous threat monitoring can be used to alert, report, and automatically address any potentially harmful anomalies. It can monitor traffic passing to and from a device to detect whether the device is communicating with a known bad entity. A device in communication with a command and control system outside of the agency’s infrastructure is a certain red flag that the device—and the network it’s connected to—may have been compromised.

The IoT is here to stay, and it’s important for federal IT managers to proactively tackle the security challenges it poses. Bills passed by federal and state legislators are a start, but they’re not enough to protect government networks against devices that weren’t designed with security top-of-mind. IoT security is something agencies need to take into their own hands. Managers must understand the risks and put processes, strategies, and tools in place to proactively mitigate threats caused by the IoT.

Find the full article on Fifth Domain.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
0 11 595
Level 17

Back from Austin and home for a few weeks before I head...back to Austin for a live episode of SolarWinds Lab. Last week was the annual Head Geeks Summit, and it was good to be sequestered for a few days with just our team as we map out our plans for world domination in 2020 (or 2021, whatever it takes).

As always, here's a bunch of stuff I found on the internetz this week that I think you might enjoy. Cheers!

Critical Windows 10 vulnerability used to Rickroll the NSA and Github

Patch your stuff, folks. Don't wait, get it done.

WeLeakInfo, the site which sold access to passwords stolen in data breaches, is brought down by the ...

In case you were wondering, the website was allowed to exist for three years before it was finally shut down. No idea what took so long, but I tip my hat to the owners. They didn't steal anything, they just took available data and made it easy to consume. Still, they must have known they were in murky legal waters.

Facial recognition: EU considers ban of up to five years

I can't say if that's the right amount of time; I'd prefer they ban it outright for now. This isn't just a matter of the tech being reliable, it brings about questions regarding basic privacy versus a surveillance state.

Biden wants Sec. 230 gone, calls tech “totally irresponsible,” “little creeps”

Politics aside, I agree with the idea that a website publisher should bear some burden regarding the content allowed. Similar to how I feel developers should be held accountable for deploying software that's not secure, or leaving S3 buckets wide open. Until individuals understand the risks, we will continue to have a mess of things on our hands.

Microsoft pledges to be 'carbon negative' by 2030

This is a lofty goal, and I applaud the effort here by Microsoft to erase their entire carbon footprint since they were founded in 1975. It will be interesting to see if any other companies try to follow, but I suspect some (*cough* Apple) won't even bother.

Google’s Sundar Pichai doesn’t want you to be clear-eyed about AI’s dangers

In today's edition of "do as I say, not as I do", Google reminds us that their new motto is "Only slightly evil."

Technical Debt Is like a Tetris Game

I like this analogy, and thought you might like it as well. Let me know if it helps you.

If you are ever in Kansas City, run, don't walk, to Jack Stack and order the beef rib appetizer. You're welcome.

7_18_13 - 1.jpg

Read more
2 21 851
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Brandon Shopp with ideas for improving security at the DoD by finding vulnerabilities and continuously monitoring agency infrastructure.

An early 2019 report from the Defense Department Officer of Inspector General revealed how difficult it’s been for federal agencies to stem the tide of cybersecurity threats. Although the DoD has made significant progress toward bolstering its security posture, 266 cybersecurity vulnerabilities still existed. Most vulnerabilities have only been discovered within the past year—a sure sign of rising risk levels.

The report cited several areas for improvement, including continuous monitoring and detection processes, security training, and more. Here are three strategies DOD can use to tackle those remaining 200-plus vulnerabilities.

1. Identify Existing Threats and Vulnerabilities

Identifying and addressing vulnerabilities will become more difficult as the number of devices and cloud-based applications on defense networks proliferates. Although government IT managers have gotten a handle on bring-your-own-device issues, undetected devices are still used on DoD networks.

Scanning for applications and devices outside the control of IT is the first step toward plugging potential security holes. Apps like Dropbox and Google Drive may be great for productivity, but they could also expose the agency to risk if they’re not security hardened.

The next step is to scan for hard-to-find vulnerabilities. The OIG report called out the need to improve “information protection processes and procedures.” Most vulnerabilities occur when configuration changes aren’t properly managed. Automatically scanning for configuration changes and regularly testing for vulnerabilities can help ensure employees follow the proper protocols and increase the department’s security posture.

2. Implement Continuous Monitoring, Both On-Premises and in the Cloud

While the OIG report specifically stated the DoD must continue to proactively monitor its networks, those networks are becoming increasingly dispersed. It’s no longer only about keeping an eye on in-house applications; it’s equally as important to be able to spot potential vulnerabilities in the cloud.

DoD IT managers should go beyond traditional network monitoring and look more deeply into the cloud services they use. The ability to see the entire network, including destinations in the cloud, is critically important, especially as the DoD becomes more reliant on hosted service providers.

3. Establish Ongoing User Training and Education Programs

A well-trained user can be the best protection against vulnerabilities, making it important for the DoD to implement a regular training cadence for its employees.

Training shouldn’t be relegated to the IT team alone. A recent study indicates insider threats pose some of the greatest risk to government networks. As such, all employees should be trained on the agency’s policies and procedures and encouraged to follow best practices to mitigate potential threats. The National Institute of Standards and Technology provides an excellent guide on how to implement an effective security training program.

When it comes to cybersecurity, the DoD has made a great deal of progress, but there’s still room for improvement. By implementing these three best practices, the DoD can build off what it’s already accomplished and focus on improvements.

Find the full article on Government Computer News.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
2 13 1,006
Level 17

In Austin this week for our annual meeting of Head Geeks. The first order of business is to decide what to call our group. I prefer a "gigabyte of Geeks," but I continue to be outvoted. Your suggestions are welcome.

As always, here's a bunch of links from the internet I hope you find interesting. Enjoy!

Facebook again refuses to ban political ads, even false ones

Zuckerberg continues to show the world he only cares about ad revenue, for without that revenue stream his company would collapse.

Scooter Startup Lime Exits 12 Cities and Lays Off Workers in Profit Push

Are you saying renting scooters your customers then abandon across cities *is not* a profitable business model? That's crazy!

Russian journals retract more than 800 papers after ‘bombshell’ investigation

I wish we could do the same thing with blog posts, old and new.

Alleged head of $3.5M crypto mining scam bought stake in nightclub

A cryptocurrency scam? Say it isn't so! Who knew this was even possible?

Ring confirms it fired four employees for watching customer videos

Ah, but only after an external complaint, and *after* their actions were known internally. In other words, these four would still have jobs if not for the external probe.

Tesla driver arrested for flossing at 84 mph on autopilot

Don't judge, we've all been there, stuck in our car and in need of flossing our teeth.

It's helpful for a restaurant to publish their menu outside for everyone to see.

IEBYE5932.JPG

Read more
2 36 1,112
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Brandon Shopp with ideas about modernizing security along with agency infrastructure to reduce cyberthreats.

As agencies across the federal government modernize their networks to include and accommodate the newest technologies such as cloud and the Internet of Things (IoT), federal IT professionals are faced with modernizing security tactics to keep up.

There’s no proverbial silver bullet, no single thing capable of protecting an agency’s network. The best defense is implementing a range of tactics working in concert to provide the most powerful security solution.

Let’s take a closer look.

Access Control

Something nearly all of us take for granted is access. The federal IT pro can help dramatically improve the agency’s security posture by reining in access.

There can be any number of reasons for federal IT pros to set overly lenient permissions—from a lack of configuration skills to a limited amount of time. The latter is often the more likely culprit as access control applies to many aspects of the environment. From devices to file folders and databases, it’s difficult and time-consuming to manage setting access rights.

Luckily, an increasing number of tools are available to help automate the process. Some of these tools can go so far as to automatically define permission parameters, create groups and ranges based on these parameters, and automatically apply the correct permissions to any number of devices, files, or applications.

Once permissions have been set successfully, be sure to implement multifactor authentication to ensure access controls are as effective as possible.

Diverse Protection

The best protection against a complex network is multi-faceted security. Specifically, to ensure the strongest defense, invest in both cloud-based and on-premises security.

For top-notch cloud-based security, consider the security offerings of the cloud provider with as much importance as other benefits. Too many decisionmakers overlook security in favor of more bells and whistles.

Along similar lines of implementing diverse, multi-faceted security, consider network segmentation. If an attack happens, the federal IT pro should be able to shut down a portion of the network to contain the attack while the rest of the network remains unaffected.

Testing

Once the federal IT pro has put everything in place, the final phase—testing—will quickly become the most important aspect of security.

Testing should include technology testing (penetration testing, for example), process testing (is multi-factor authentication working?), and people testing (testing the weakest link).

People testing may well be the most important part of this phase. Increasingly, security threats caused by human error are becoming one of the federal government’s greatest threats. In fact, according to a recent Cybersecurity Survey, careless and malicious insiders topped the list of security threats for federal agencies.

Conclusion

There are tactics federal IT pros can employ to provide a more secure environment, from enhancing access control to implementing a broader array of security defenses to instituting a testing policy.

While each of these is important individually, putting them together goes a long way toward strengthening any agency’s security infrastructure.

Find the full article on Government Technology Insider.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
1 5 344
Level 17

Welcome back! I hope y'all had a happy and healthy holiday break. I'm back in the saddle after hosting a wonderful Christmas dinner for 20 friends and family. I had some time off as well, which I used to work a bit on my blog as well as some Python and data science learning.

As usual, here's a bunch of links from the internet I hope you'll find useful. Enjoy!

Team that made gene-edited babies sentenced to prison, fined

I wasn't aware we had reached the point of altering babies' DNA, but here we are.

2019 Data Breach Hall of Shame: These were the biggest data breaches of the year

I expect a longer list from 2020.

Bing’s Top Search Results Contain an Alarming Amount of Disinformation

A bit long, but worth some time and a discussion. I never think about how search engines try to determine the veracity of the websites returned in a search.

Google and Amazon are now in the oil business

File this under "Do as I say, not as I do."

Seven Ways to Think Like a Programmer

An essay about data that warmed my heart. I think a lot of this applies to every role, especially for those of us inside IT.

The other side of Stack Overflow content moderation

Start this post by reading the summary, then take in some of the specific cases he downvoted. The short of it is this: humans are horrible at communicating through texts, no matter what the forum.

This Is How To Change Someone’s Mind: 6 Secrets From Research

If you want to have more success at work, read this post. I bet you can think of previous discussions at work and understand where things went wrong.

For New Year's Eve I made something special - 6 pounds of pork belly bites in a honey soy sauce. They did not last long. No idea what everyone else ate, though.

IMG_3763.JPG

Read more
1 31 860
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Jim Hansen about the state of security and insider threats for the federal government and what’s working to improve conditions. We’ve been doing these cyber surveys for years and I always find the results interesting.

Federal IT professionals feel threats posed by careless or malicious insiders and foreign governments are at an all-time high, yet network administrators and security managers feel like they’re in a better position to manage these threats.

Those are two of the key takeaways from a recent SolarWinds federal cybersecurity survey, which asked 200 federal government IT decision makers and influencers their impressions regarding the current security landscape.

The findings showed enterprising hackers are becoming increasingly focused on agencies’ primary assets: their people. On the bright side, agencies feel more confident to handle risk thanks to better security controls and government-mandated frameworks.

People Are the Biggest Targets

IT security threats posed by careless or untrained insiders and nation states have risen substantially over the past five years. Sixty-six percent of survey respondents said things have improved or are under control when it comes to malicious threats, but when asked about careless or accidental insiders, the number decreased to 58%.

Indeed, hackers have seen the value in targeting agencies’ employees. People can be careless and make mistakes—it’s human nature. Hackers are getting better at exploiting these vulnerabilities through simple tactics like phishing attacks and stealing or guessing passwords. The most vulnerable are those with access to the most sensitive data.

There are several strategies agencies should consider to even the playing field.

Firstly, ongoing training must be a top priority. All staff members should be hyper-aware of the realities their agencies are facing, including the potential for a breach and what they can do to stop it. Simply creating unique and undetectable passwords or reporting suspicious emails might be enough to save the organization from a perilous data breach. Agency security policies must be updated and shared with the entire organization at least once a month, if not more. Emails can help relay this information, but live meetings are much better at conveying urgency and importance.

Employing a policy of zero trust is also important. Agency workers aren’t bad people, but everyone makes mistakes. Data access must be limited to those who need it and security controls, such as access rights management, should be deployed to monitor and manage access.

Finally, agencies must implement automated monitoring solutions to help security managers understand what’s happening on their network at all times. They can detect when a person begins trying to access data they normally wouldn’t attempt to retrieve or don’t have authorization to view. Or perhaps when someone in China is using the login credentials of an agency employee based in Virginia. Threat monitoring and log and event management tools can flag these incidents, making them essential for every security manager’s toolbox.

Frameworks and Best Practices Being Embraced, and Working

Most survey respondents believe they’re making progress managing risk, thanks in part to government mandates. This is a sharp change from the previous year’s cybersecurity report, when more than half of the respondents indicated regulations and mandates posed a challenge. Clearly, agencies are starting to get used to—and benefit from—programs like the Risk Management Framework (RMF) and Cybersecurity Framework.

These frameworks help make security a fundamental component of government IT and provide a roadmap on how to do it right. With frameworks like the RMF, developing a better security hygiene isn’t a matter of “should we do this?” but a matter of “here’s how we need to do this.” The frameworks and guidelines bring order to chaos by giving agencies the basic direction and necessities they need to protect themselves and, by extension, the country.

A New Cold War

It’s encouraging to see recent survey respondents appearing to be emboldened by their cybersecurity efforts. Armed with better tools, guidelines, and knowledge, they’re in a prime position to defend their agencies against those who would seek to infiltrate and do harm.

But it’s also clear this battle is only just beginning. As hackers get smarter and new technologies become available, it’s incumbent upon agency IT professionals to not rest on their laurels. We’re entering what some might consider a cyber cold war, with each side stocking up to one-up the other. To win this arms race, federal security managers must continue to be innovative, proactive, and smarter than their adversaries.

Find the full article on Federal News Network.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
0 11 677
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Jim Hansen where he provides tips on leveraging automation to improve your cybersecurity, including deciding what to automate and what tools to deploy to help.

Automation can reduce the need to perform mundane tasks, improve efficiency, and create a more agile response to threats. For example, administrators can use artificial intelligence and machine learning to ascertain the severity of potential threats and remediate them through the appropriate automated responses. They can also automate scripts, so they don’t have to repeat the same configuration process every time a new device is added to their networks.

But while automation can save enormous amounts of time, increase productivity, and bolster security, it’s not necessarily appropriate for every task, nor can it operate unchecked. Here are four strategies for effectively automating network security within government agencies.

1. Earmark What Should—And Shouldn’t—Be Automated.

Setting up automation can take time, so it may not be worth the effort to automate smaller jobs requiring only a handful of resources or a small amount of time to manage. IT staff should also conduct application testing themselves and must always have the final say on security policies.

Security itself, however, is ripe for automation. With the number of global cyberattacks rising, the challenge has become too vast and complex for manual threat management. Administrators need systems capable of continually policing their networks, automatically updating threat intelligence, and monitoring and responding to potential threats.

2. Identify the Right Tools.

Once the strategy is in place, it’s time to consider which tools to deploy. There are several security automation tools available, and they all have different feature sets. Begin by researching vendors with a track record of government certifications, such as Common Criteria, or are compliant with the Defense Information Systems Agency requirements.

Continuous network monitoring for potential intrusions and suspicious activity is a necessity. Being able to automatically monitor log files and analyze them against multiple sources of threat intelligence is critical to being able to discover and, if necessary, deny access to questionable network traffic. The system should also be able to automatically implement predetermined security policies and remediate threats.

3. Augment Security Intelligence.

Artificial intelligence and machine learning should also be considered indispensable, especially as IT managers struggle to keep up with the changing threat landscape. Through machine learning, security systems can absorb and analyze data retrieved from past intrusions to automatically and dynamically implement appropriate responses to the latest threats, helping keep administrators one step ahead of hackers.

4. Remember Automation Isn’t Automatic.

The old saying “trust but verify” applies to computers as much as people. Despite the move toward automation, people are and will always be an important part of the process.

Network administrators must conduct the appropriate due diligence and continually audit, monitor and maintain their automated tasks to ensure they’re performing as expected. Updates and patches should be applied as they become available, for example.

Automating an agency’s security measures can be a truly freeing experience for time- and resource-challenged IT managers. They’ll no longer have to spend time tracking down false red flags, rewriting scripts, or manually attempting to remediate every potential threat. Meanwhile, they’ll be able to rest easy knowing the automated system has their backs and their agencies’ security postures have been improved.

Find the full article on Government Computer News.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
0 11 717
Level 13

Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Jim Hansen where he discusses some ideas on improving agency security, including helping your staff develop cyberskills and giving them the tools to successfully prevent and mitigate cyberattacks.

Data from the Center for Strategic and International Studies paints a sobering picture of the modern cybersecurity landscape. The CSIS, which has been compiling data on cyberattacks against government agencies since 2006, found the United States has been far and away the top victim of cyber espionage and cyber warfare.

These statistics are behind the Defense Department’s cybersecurity strategy for component agencies that details on how they can better fortify their networks and protect information.

DoD’s strategy is built on five pillars: building a more lethal force, competing and deterring in cyberspace, strengthening alliances and attracting new partnerships, reforming the department, and cultivating talent.

While aspects of the strategy don’t apply to all agencies, three of the tactics can help all government offices improve the nation’s defenses against malicious threats.

Build a Cyber-Savvy Team

Establishing a top-tier cybersecurity defense should always start with a team of highly trained cyber specialists. There are two ways to do this.

First, agencies can look within and identify individuals who could be retrained as cybersecurity specialists. Prospects may include employees whose current responsibilities feature some form of security analysis and even those whose current roles are outside IT. For example, the CIO Council’s Federal Cybersecurity Reskilling Academy trains non-IT personnel in the art and science of cybersecurity. Agencies may also explore creating a DevSecOps culture intertwining development, security, and operations teams to ensure application development processes remain secure and free of vulnerabilities.

Second, agencies should place an emphasis on cultivating new and future cybersecurity talent. To attract new talent, agencies can offer potential employees the opportunity for unparalleled cybersecurity skills training, exceptional benefits, and even work with the private sector. The recently established Cybersecurity Talent Initiative is an excellent example of this strategy in action.

Establish Alliances and Partnerships

The Cybersecurity Talent Initiative reflects the private sector’s willingness to support federal government cybersecurity initiatives and represents an important milestone in agencies’ relationship with corporations. Just recently, several prominent organizations endured what some called the cybersecurity week from hell when multiple serious vulnerabilities were uncovered. They’ve been through it all, so it makes sense for federal agencies to turn to these companies to learn how to build up their own defenses.

In addition to partnering with private-sector organizations, agencies can protect against threats by sharing information with other departments, which will help bolster everyone’s defenses.

Arm Your Team With the Right Tools

It’s also important to have the right tools to successfully prevent and mitigate cyberattacks. Continuous monitoring solutions, for example, can effectively police government networks and alert managers to potential anomalies and threats. Access rights management tools can ensure only the right people have access to certain types of priority data, while advanced threat monitoring can keep managers apprised of security threats in real-time.

Of course, IT staff will need continuous training and education. A good practice is implementing monthly or at least bi-monthly training covering the latest viruses, social engineering scams, agency security protocols, and more.

The DoD’s five-pillared strategy is a good starting point for reducing the risk of the nation. Agencies can follow its lead by focusing their efforts on cultivating their staff, creating stronger bonds with outside partners, and supporting this solid foundation with the tools and training necessary to win the cybersecurity war.

Find the full article on Government Computer News.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Read more
1 6 701