banner-why-daymark.jpg

Information Technology Navigator

Tips, Advice & Insights from Technology Pros

An Inside Look at Azure Security Center

Properly securing assets is a constant challenge for IT. Staying one step ahead of the bad actors is a never-ending job and with a well-known shortage of IT security professionals, it’s critical that those of us responsible for protecting systems, networks and data are smart about deploying tools that will help remediate or minimize cybersecurity risks. Microsoft built Azure Security Center to help. It aligns Azure resources with Microsoft best practices to mitigate risks associated with security vulnerabilities that could lead to a breach or other security incident.

Microsoft Security Quick Facts

Read More
Wed, Mar 24, 2021
Share:   

Continuous Access Evaluation: Near Real Time Policy and Security Enforcement

Secure access to email and other business productivity tools continues to be a top priority for IT administrators. Microsoft services, such as Azure Active Directory and Office 365, use OpenID Connect for authentication and OAuth 2.0 for authorization. Here’s how that process works: When Outlook connects to Exchange Online, the API requests are authorized using OAuth 2.0 Access Tokens. They are valid for one hour. When the tokens expire, the Outlook client is redirected back to Azure AD to refresh them. This provides an opportunity to re-evaluate policies for user access. If a user has been disabled in the directory or because of a Conditional Access policy, the admin might choose not to refresh the token.

Read More
Tue, Jan 05, 2021
Share:   

Heed Emergency Directives Related to the SolarWinds Orion Hack

To say the cybersecurity community is a buzz over the recent news of the highly-sophisticated data breaches at many U.S. government agencies this month due to vulnerabilities in the SolarWinds Orion IT management platform is an understatement. Experts believe that Russian government hackers are behind this global espionage which may have started as early as last spring. The threat actors conducted a supply chain attack on SolarWinds Orion Platform with a backdoor through a FireEye software update. The SolarWinds versions impacted are 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1. Agencies affected include the Pentagon, the Department of Homeland Security and the Department of the Treasury.

Read More
Wed, Dec 16, 2020
Share:   

Pandemic Threat Reality


Mimecast held their 2020 Cyber Resilience Summit remotely this year covering a wide range of topics. You can read our previous blog “Mimecast Cyber Resilience Summit 2020 – Key Takeaways” for those highlights. In addition, Mimecast provided some alarming data on the pandemic threat reality that we are facing.

 

Mimecast collected 100 days of detection data from January 2020 to April 2020. The results below reveal a 36.9% INCREASE in threat detections, where the key focus of threat actors has become high volume Spam and Impersonation. Here’s the breakdown: 

Read More
Wed, Sep 30, 2020
Share:   

Mimecast Cyber Resilience Summit 2020 – Key Takeaways

 

Mimecast held their 2020 Cyber Resilience Summit remotely this year, providing some interesting updates to their suite of cyber security tools.  As a leading Email Security Gateway, Mimecast has expanded their portfolio over the last few years into a more robust and comprehensive framework that they have dubbed “Email Security 3.0”.

 

The Email Security 3.0 Framework can be broken out into three zones of protection:

Zone 1:  Perimeter – This is your traditional email delivery path and is saturated with relentless attacks.  In order to protect against these threats, Mimecast leverages their advanced Targeted Threat Protection including impersonation protection, attachment sandbox, and URL Protection.

Read More
Mon, Sep 21, 2020
Share:   

State-Backed Hackers Targeting All Exchange Servers

On February 11 2020, Microsoft released a patch for Exchange Servers that would fix a vulnerability pertaining to unauthorized access to the backend of the Exchange Control Panel. There is now confirmation from a source at the United States Department of Defense that multiple nation-state backed actors and other ransomware gangs are actively and maliciously exploiting this vulnerability on unpatched systems. The vulnerability results from the Exchange Server failing to properly create unique cryptographic keys at the time of installation. The hackers’ sophisticated exploits circumvent encryption, granting them full access of the server.

It is imperative that the latest patches from February 11th be applied as even a single Exchange instance puts you at risk.

Read More
Tue, Mar 10, 2020
Share:   

Beyond Disaster Recovery

 

For many of us, a rock-solid business continuity/disaster recovery (BC/DR) plan can mean the difference between a good night’s sleep and living in constant fear of impending doom. Hyperbole aside, many BC/DR plans are under-tested, under-architected, and misunderstood by businesses. Sure, you may have a copy of your data at a secondary site, but how do you know it’s accessible to applications in the event of a failover? How do you ensure your most business-critical applications (complex interdependencies and all) come online properly and quickly? How do you automate and orchestrate changes to networking or startup scripts when your VMs fail-over? Just as importantly, how do you effectively test that all of this will work when it matters most? 

Read More
Tue, Apr 02, 2019
Share:   

Nuances of Azure’s Shared Responsibility Security Model

The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.

It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:

Read More
Wed, Feb 27, 2019
Share:   

Reduce Costs and Network Bandwidth for Cloud Storage – Dedupe it!

As businesses continue to look to the cloud to improve efficiency, reduce costs and meet the need for agility, data protection has been a workload worth strong consideration. As an alternative to tape, the cloud provides the potential for “cheap and deep” storage targets for data that needs longer-term retention, but not necessarily the recovery performance of local storage. However, those who have migrated backup to the cloud have been unpleasantly surprised by high cloud storage costs and suboptimal performance. The culprit: lack of deduplication.

Read More
Thu, Jun 21, 2018
Share:   

Pending Initial Public Offering (IPO) Puts Security in the Spotlight

Becoming a publicly traded company has a profound impact on the way a business operates. The technology that is in place, and how it is deployed, can also come under close scrutiny. That was certainly the case for one of Daymark’s life science clients whose pending IPO put a spotlight on network security and data protection. In this blog, Steve Caprio, Daymark Cloud Consultant, answers some questions on the security journey of this enterprise.

Read More
Thu, Apr 26, 2018
Share: