Just two people trying to do IT and Security the right way.
We’re starting over again. Yup! Two steps forward, one step back. This time it’s not so bad. We found more documentation on Microsoft 365. Based on this, we’ve decided to review the signup process. The only way to do that is to start over. LINKS 1. Microsoft 365: Getting started FIND US ON 1. Facebook 2. Twitter - DamienHull...
As the title says, we got it wrong. It happens. Unfortunately this is not a topic you want to get wrong. LINKS 1. SANS Webcast: Why as a DoD Contractor Do I need to Be CMMC Compliant 2. Certified Professionals and Assessors FIND US ON 1. Facebook 2. Twitter - DamienHull...
We’re moving forward with our Microsoft 365 migration. Signed up for an account using the 365 Business Premium license. Setup admin accounts for our selves. Getting ready to setup test accounts with Business Premium Licenses. LINKS 1. Plan your setup of Microsoft 365 for business - We used this document 2. Get started - More documentation on Microsoft 365 FIND US ON 1. Facebook 2. Twitter - DamienHull...
You can’t have a good security program without Polices and Procedures. We’re not the best at writing Polices. Truth is, we’re like most people. Where do I start? How do I write a policy? Lucky for us, there are resources out there to help us get started. This is a big step in the right direction for us. However, we’re just scratching the surface. We have a long way to go. SANS Polices 1. Security Policy Templates - All of the SANS policies 2. Software Installation Policy - We will be using this ...
Another episode on migrating to Microsoft 365. Most organizations are using it. It’s almost a standard in the business world. Should we be using Microsoft 365? Can we? FIND US ON 1. Facebook 2. Twitter - DamienHull
Time to start thinking about our Critical Security Controls audit. This will include policies and procedures. We can’t avoid good documentation. FIND US ON 1. Facebook 2. Twitter - DamienHull
Lots to talk about in this episode. We’re using pfSense firewalls in our virtual lab environment. We’ve been documenting things on slab.com. And we’ve been evaluating cloud security. Links 1. pfSense 2. slab.com 3. CMMC - Cybersecurity Maturity Model Certification FIND US ON 1. Facebook 2. Twitter - DamienHull...
Time to review the security of notion.so. They are responsible for protecting our data. We are responsible for putting it there. We need to make sure their security meats our requirements. If they don’t, we’ll have to look for a different solution. LINKS 1. notion.so 2. notion security - an overview of their security 3. 9 Common Questions About SOC 2 Compliance 4. S mall Business Information Security: The Fundamentals FIND US ON 1. Facebook 2. Twitter - DamienHull...
We’re taking a step back and focusing on documentation. We spend a lot of time looking things up. Time that could have been spent learning new things. Better documentation means less time spent looking things up. To help fix this problem, we’re looking into notion.so. Notion.so is a web application designed for things like documentation. We’re still in the testing phase. So far, things are looking good. We have a long way to go. LINKS 1. notion.so 2. notion security - an overview of their securi...
We signed up for the Purple Teaming class put on by Black Hills Information Security. It was a bit overwhelming, but we learned a lot. LINKS 1. Class Git Hub Repository 2. Sysmon 3. The Hunting ELK 4. BadBlood FIND US ON 1. Facebook 2. Twitter - DamienHull...
