Information Technology Navigator

Is your organization ready to modernize its security operations with Microsoft Azure Sentinel — but unsure where to start? Whether you're just beginning your Sentinel journey or looking to maximize your existing investment, Daymark’s expert-led Proof of Concept (PoC) provides the hands-on experience and technical guidance you need.

Protecting your organization from sophisticated cyber threats requires more than isolated tools and fragmented systems. Microsoft Azure Sentinel — a cloud-native Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solution — offers a unified approach to modern security operations — but success depends on knowing how to deploy and use it effectively.

Read More

Is your organization struggling to balance mobile security with employee productivity? Are you confident that only secure, compliant devices can access your business applications? You are not alone. In today’s hybrid and mobile-first work environment, organizations face the challenge of securing corporate data while ensuring employees can work efficiently from anywhere. Without a comprehensive mobile device management (MDM) solution, companies risk data breaches, unauthorized access, and compliance violations.

Daymark’s Microsoft Intune Workshop

Daymark is here to help. With our Microsoft Intune Workshop, your organization can learn how to gain complete control over mobile security, streamline IT operations, and empower your workforce with seamless and secure access to business applications—no matter where they work.

Read More

In today’s cloud-driven world, controlling cloud costs without sacrificing performance is a key challenge. Microsoft Azure FinOps (Financial Operations) is a framework that brings a strategic approach to managing cloud expenditures, transforming it from a guessing game into a structured process. For businesses utilizing Azure, learning FinOps fundamentals can unlock new cost-saving opportunities and enhance collaboration across finance, IT, and business teams.

Daymark Solutions’ comprehensive Azure FinOps workshop offers hands-on labs, expert-led discussions, and interactive exercises designed to teach critical cost management skills. Participants dive into rightsizing Azure resources, managing orphaned resources, and leveraging Azure’s unique cost-saving options like Azure Hybrid Benefit, Reserved Instances, and Azure Savings Plans. Each session balances theory with practical exercises to build a solid foundation for financial governance within Azure environments.

Read More

On October 15, 2024, the final rule for the Cybersecurity Maturity Model Certification (CMMC) program was officially published. This rule, codified as 32 CFR, becomes effective on December 16, 2024. The CMMC journey began in 2019 with DFARS Case 2019-D041, and after four years of development, the rule is now finalized. Let’s take a look at the history of the CMMC timeline, what's to come, and how organizations can prepare for what is next.

CMMC Rulemaking Timeline

The rulemaking process illustrated in the graphic below shows a high-level workflow from the Government Accountability Office (GAO).

Figure 1: GAO Federal Rulemaking

Read More

Read More

One of the most common cyberattack vectors is compromised credentials. Malicious actors with access to AI technologies have increased the sophistication and effectiveness of their attacks. The rise in phishing attacks and malicious actors gaining access to AI technologies has resulted in sharp increases in credential theft. In addition to credential theft, token theft or hijacking is also on the rise. Staying one step ahead of the bad guys is a constant battle for organizations of every size.

Why is This Critical Now? The Deadline is Looming.

In March 2023, Microsoft announced the deprecation of managing authentication methods in the legacy multifactor authentication and self-service password reset (SSPR) policies. Beginning September 30, 2025, authentication methods can't be managed in these legacy MFA and SSPR policies.

Enter Microsoft Entra ID!

Getting Started with Entra ID

Read More

Pure Storage Portworx has established itself as the gold standard for cloud-native Kubernetes data storage, offering scalable persistent storage, multi-cloud data mobility and zero RPO data protection and disaster recovery. At Daymark, we have been impressed with Portworx and view it as being in a class of its own when compared to other suppliers of storage for Kubernetes-orchestrated container apps. Once you transition from development to production with Kubernetes, persistent storage and enterprise data services become critical components of your Kubernetes environment.

A recent report by research house GigaOm concurs, recognizing Portworx as an “Outperformer” — the only product with that designation in the report. The GigaOm Radar for Kubernetes Data Storage Report reviewed nine vendors in the Kubernetes data storage space, down from twenty-two vendors in 2021.

Read More

Companies performing work in the Defense Industrial Base (DIB) often contemplate whether they should use a cloud service provider for their business, then wonder which version of the cloud service they should consider. The rules and regulations passed down to the DIB from the Federal Government are quite confusing when it comes to trying to figure out what their requirements are. In this article, we will try to clear some of that up!

Read More

Protecting sensitive and classified information when working for the Federal Government requires constant vigilance. When the government issues a contract, it must specify to the performing contractor when covered defense information (CDI) or controlled unclassified information (CDI) will be generated under the contract. Many prime contractors “flowdown” every FAR and DFARS clause to subcontractors and vendors without considering if that subcontractor or vendor will be processing, storing, or transmitting CDI. Anticipating where CDI may reside once awarded a contract can be a challenge. Here is guidance on ways CDI can flowdown to subcontractors and the defense industrial base (DIB), and steps those organizations should take before signing an agreement.

An Introduction to DFARS

Read More

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders to improve and monitor the domain’s protection from fraudulent email.

DMARC is designed to fit into an organization’s existing inbound email authentication process. The way it works is to help email receivers determine if the purported message “aligns” with what the receiver knows about the sender. If not, DMARC includes guidance on how to handle the “non-aligned” messages. Because cyber security continues to be a top priority for businesses, DMARC adoption is on the rise for several good reasons.

Top 3 Reasons to Implement DMARC

Read More