Category: Security

Posted on

Meraki Administration Overview

This is a useful webinar or video of Cisco Meraki administration (link below). Meraki is the ultimate cloud-managed solution, in my opinion. I use it at my job and can verify that it is a solid product, possibly one of the best out there in the networking world. It is ubiquitous and seems to be growing even more steadily, as evidenced below. These are very impressive statistics, especially the 20 PB (petabytes) of daily traffic – we do not see PB referenced a lot even in the modern data-driven world. But 20 PB DAILY is a LOT of data!

Meraki Metrics

The webinar gets very good once you pass the first 5 introductory minutes. It is geared towards Meraki in schools, but the basics of how Meraki simplifies network management complexity are covered. Besides, universities, public or private K-12 schools, along with all businesses and entities all need to have reliable, safe, and secure networking and proper management tools.

Some items covered are Meraki WiFi, and IoT and switch device management. Also covered are rules for a Meraki network – example given was a simple block of bit torrents, which are files that are truly detrimental to any and all networks. Finally, the Cisco webinar covered environmental sensors and video cameras. Meraki is very advanced with these last two areas. Network administrators can monitor video cameras and sensors in real-time because they too are networked via IP and connected within the Meraki environment. The video management is highly detailed and advanced. There is no need for additional storage nor is there a need for video software to watch the videos, given that the videos are viewed within the Meraki interface (they can be shared or exported from there if needed). And sensors such as temperature controls can be remotely configured and monitored as well.

This is the link to the Meraki webinar:

Posted on

Veeam Cybersecurity Poll

I use Veeam back up software for Microsoft 365 backups. It is an excellent, efficient, and effective backup program. It is used specifically for team SharePoint sites, user mailboxes, and user OneDrives (‘My-SharePoint’). I installed the needed Veeam modules on a standalone Azure virtual machine which communicates to our related cloud services. Although this article is very useful, the headline is a bit misleading. 76% of organizations have not admitted to paying ransomware to criminals so they could recoup locked data. But 76% of organizations affected by ransomware did pay ransomware to hackers. Per Veeam’s survey: (we) “surveyed 1,000 IT leaders whose organizations had been successfully attacked by ransomware at least once during the past 12 months”. So, of those hacked, 76% had made some payouts. This is all very good information.

A very important additional piece of information is that 19% of those affected by ransomware (in this survey) did not need to pay any ransomware because … they had proper and secured backups. This, of course, is the objective. Ransomware breaches are failures in the penetration sense. But at least a proper organizational backup strategy can remedy any data loss. Once backup data is retrieved and restored, security breaches can be investigated, analyzed, and fixed.

Cybersecurity Research: 76% of Organizations Admit to Paying Ransomware Criminals, with One-Third Still Unable to Recover Data (veeam.com)

Posted on

Cloud Compliance and Security

This “Cloud One” product offering from Trend Micro looks very promising. In this day and age of explosive cloud service growth, monitoring of cloud services for infrastructure, security and compliance is essential.

What does it do? Cloud One does the following and more:

Run continuous scans against hundreds of industry best practice checks, including SOC2, ISO 27001, NIST, CIS, GDPR, PCI DSS, GDPR, HIPAA, AWS and Azure Well-Architected Frameworks, and CIS Microsoft Azure Foundations Security Benchmark.

Cloud One – Conformity | Trend Micro

Posted on

Me too!

Courtesy of:
https://www.darkreading.com/threat-intelligence/cartoon-phishing-intelligence-/d/d-id/1337593
Posted on

Microsoft Azure Storage Security

I am studying the Microsoft Azure Administrator modules off of the Microsoft “Learn” website. It is a great free resource to learn some of the hottest and most relevant modern Cloud technologies. This one particular area piqued my interest: data storage security. I know that many businesses and various leaders are pessimistic about the protection of their Cloud data. It makes sense. Why would any leader not think about the way in which their organization’s data is stored in the Cloud? To many leaders, the notion of their valuable data being moved to and handled in the Cloud does not necessarily make them feel warm and fuzzy [as we may see in the commercials ;> ]. Instead they have a healthy cynicism of their data handling. I agree with the healthy cynicism.

But Microsoft Azure has many ways in which to secure data. These include, but are not limited to, proper network security rules to block out most or all traffic; access control lists; strict internal roles based access; and good old-fashioned data encryption.

Azure automatically encrypts all data as it is stored or written to the cloud, i.e. is stored “at rest” [meaning, it is sitting on the disk, so to speak]. Any file that is written to Azure storage is encrypted with Storage Service Encryption (SSE). It is 256-bit AES encryption. This is very powerful encryption and is an industry standard. My favorite part of the SSE is that this encryption of the data that gets stored to disk does NOT affect performance. So, there is no degradation whatsoever to services. Encryption involves scrambling of bits and bytes and generally takes some resources, but Microsoft accomplishes this with no hit to resources.

Of course, in addition to the SSE security, the actual virtual disks themselves, if applicable, can be encrypted as well with ‘BitLocker’ for Windows or ‘dm-crypt’ for Linux . But I wanted to focus only on the Storage Security Encryption at this point. And this SSE should help any leader breathe a sigh of relief when thinking about their data security.

Microsoft Learn can be reached here

Posted on

SonicWall 802.11ac WiFi Access Points

SonicWall SonicWave 802.11ac [Wave 2] access points target multiple market types: retail, hospitality, healthcare, education, transportation, government & financial institutions, construction, and transportation. These versatile APs [access points] go above and beyond the usual offerings, with their security radio scanner, Capture Security Center and WCM or WiFi Cloud Manager capabilities.

SonicWall Stacked Wave 2 AP

Some stand out SonicWall Wave 2 AP feature details:

  • Assist with HIPAA & PCI compliance to protect customer or patient data
  • Can power on IP phones in hotel rooms
  • Monitor networks in real-time, complete with audit logs
  • Mesh technology for easy WiFi expansion
  • Capture ATP-driven “Deep Memory Inspection” of traffic
  • Ruggedized outdoor APs with solid “IP67” ratings for harsh weather

Read all about the SonicWall Wave 2 APs

Posted on

FREE Trend Micro House Call

Did you ever get that feeling that your computer was acting “funny” or was “too slow”, in an unusual sort of way? Or maybe you read a recent article about the latest malware or creepy hack attack that got you thinking about hijacked video cameras? Sometimes hacks can bypass your traditional antivirus or endpoint security. Every once in a while, I like to run the Trend Micro awesome free security scan.

There is nothing wrong with double checking your current security software! Two eyes are better than one. Trend Micro has a long track record in the security software world. They are well regarded and this is a very solid offering. Obviously, the fact that it is free makes it even better! It can be downloaded and quickly installed and run right away. Always run a full scan in this case [not the quick scan]- go big or go home, so to speak. If Trend Micro is currently in use, try the McAfee free option.

So far, so good:

Grab the free security scan here