
Secured by Design Podcast Welcome

First off, let me thank you for viewing the Secured by Design Podcast Welcome. This podcast supports a book of the same name. As a technology professional, I've seen a lot of things happen, from the good to the truly ugly. The book is broken up into the multiple pillars that make up a technology stack, and this podcast is presented as a guide for protecting each pillar.

Not a lot of thought is given to technology systems by their users. The service those systems provide is simply expected to be there when needed. Behind the scenes is a complete set of dynamics required to ensure a service can be delivered. Those in the business understand the multiple disciplines needed to operate computer-based systems.

Content:

What you will hear in this series of podcast pillars are best practices and a place to start securing an environment. An entire chapter has been dedicated to retrofitting an existing system. Many companies have old and outdated systems they cannot just rewrite. The book talks about steps that can be taken to shore up what's in place until a migration or an in-place upgrade can be completed.

One thing to keep in mind is that there is no "one size fits all" solution, so our hope is that you take away an appreciation of how huge the problem of securing all pillars is. Vendors do a good job releasing updates for their supported platforms, but in many cases older equipment cannot be patched, leaving you with the question of what to do about it. This is the dilemma many companies face: which "latest and greatest" technology should be chosen to replace what has been in service, and what is the impact of patching, upgrading, or replacing it?

Thank you!

Enjoy the Secured by Design Welcome podcast and let us know if you have questions or ideas!


Technical Support

Technical support, also known as tech support or customer support, is a call centre type customer service provided by companies to advise and assist registered users with issues concerning their technical products. Traditionally done on the phone, technical support can now be conducted online or through chat.

Customer support specialists aid customers experiencing technical, software and/or hardware problems. Support duties and responsibilities typically include answering customers' technical questions via phone and email. Support engineers are responsible for diagnosing and troubleshooting various technical issues.

Tech support is often subdivided into tiers, or levels, to better serve a business or customer base. The number of levels a business uses to organize its support group depends on what it needs in order to serve its customers or users sufficiently.

Structure:

The reason for providing a multi-tiered support system instead of one general support group is to provide the best possible service in the most efficient possible manner. Success of the organizational structure depends on the technicians understanding their level of responsibility and commitment: customer response time commitments, when to escalate an issue, and to which level. A common support structure revolves around a three-tiered tech support system. Remote computer repair is a method for troubleshooting software-related problems via remote desktop connections.

Challenges:

Many systems today utilize open-source software. The book speaks to how difficult this can be to manage. It is easy for an issue to arise where the end user is not sure where the problem lies. A good support infrastructure quickly cuts through the perceptions and gets to the root of the problem. When you do not have a good support model, you can expect dissatisfaction and a difficult day at the office.

A common scam typically involves a cold caller claiming to be from the tech support department of a company like Microsoft. Such cold calls are often made from call centers based in India to users in English-speaking countries, although increasingly these scams operate within the same country. The scammer instructs the user to download a remote desktop program and, once connected, uses social engineering techniques involving Windows components. The caller then tries to persuade the victim that they need to pay for the computer to be fixed and proceeds to steal money from the victim's credit card.

Our podcast goes into significant detail to describe why this pillar can make or break an organization.


SAN/NAS Security

SAN/NAS security comprises the measures a company takes to protect critical enterprise and customer data within NAS environments from both internal and external threats. NAS security helps businesses take control of their network-attached storage rather than passively allowing incidents to happen.

In the server world, there are two types of storage: the SAN and the NAS. The main difference is how they attach to the server. Both types are intelligent devices requiring direct management and protection from inside and outside threats. Here are the two SAN/NAS device types covered in the podcast and the book:

Storage Area Network:

Storage area networks connect physical storage devices in a logical pool, so data stored on the devices is all accessible to an application or user. SANs are beneficial because they pull together data from multiple geographic locations. If an enterprise has flash arrays in two data centers, one in Scotland and one in New Zealand, they may need their CRM software to access customer data stored on devices in both data centers. SANs make that possible.

Network Attached Storage:

NAS devices are convenient and cost-effective solutions for storing and sharing data across a network. However, they also pose security risks if the data they hold is not properly encrypted. Encryption is the process of transforming data into an unreadable form that can only be decrypted by authorized parties.

If a NAS server has been compromised, changing all of its passwords does not make it secure again. Hackers usually install hidden backdoors in the server. Those backdoors or rootkits then monitor every login, see every new password entered, and can regain control of the server any time they want. Making sure that your on-prem NAS is secure is one thing. Delivering secure network access to a remote workforce, looking to access business-critical information at different times from different locations, is a whole different ball game.

With business workloads moving to insecure home networks, protecting your endpoints from ransomware isn't easy, but it is critical. Your storage administrator has to make sure that the data is secure not only at rest but also in transit, in addition to being always available. SAN and NAS security practices will differ, and the NAS will be the more complex of the two since it is network connected.


Server Management

Server management, as covered here, is the organized management of cloud computing products and services that operate in the cloud. It refers to the processes, strategies, policies, and technology used to help control and maintain public, private, hybrid, or multi-cloud environments.

Almost gone are the days when companies had everything in one place. Most companies have moved away from proprietary hardware onto commodity hardware. Businesses have realized tremendous savings using commodity hardware, which has more processing power than traditional systems. The chapter on server management is targeted towards ISPs providing compute services to customers, who range from individuals to large businesses. Here are the three most common types of environments in use today:

Public Clouds:

Public clouds are managed by public cloud service providers, which include the public cloud environment's servers, storage, networking, and data center operations. Users may also opt to manage their public cloud services with a third-party cloud management tool.

Private Clouds:

A private cloud is a cloud computing environment dedicated to a single organization. Any cloud infrastructure has underlying compute resources like CPU and storage that you provision on demand through a self-service portal. In a private cloud, all resources are isolated and in the control of one organization.

Hybrid Cloud:

A hybrid cloud is a mixed computing environment where applications are run using a combination of computing, storage, and services in different environments—public clouds and private clouds, including on-premises data centers or “edge” locations.

Today, you are most likely using some combination of servers in some combination of cloud configurations. How you run your business determines what will work best for it. We cover them all in our book. Maintaining security in these environments has its own challenges, and our book should push you towards the decisions you will need to make.


Incident Reporting

Incident reporting (IR) is the process by which an organization handles a data breach or cyberattack. It is an effort to quickly identify an attack, minimize its effects, and contain the damage, followed, hopefully, by swift remediation of the cause and a reduction in the risk of future incidents.

Incident reporting is the process of capturing, recording, and managing an incident occurrence such as an injury or, potentially, a breach. It entails documenting all the facts related to the incident. In general usage, incidents are accidents or events that cause injuries to workers or damage to property or equipment, but here we're talking about system security.

The purpose of an incident report is to state the cause of the problem along with corrective actions that can be taken to minimize the risk of a future occurrence. The forms can also be used as safety documents, outlining potential safety hazards around the workplace.

Cyber Events:

Cyber incidents can have serious consequences. The theft of private, financial, or other sensitive data and cyber-attacks that damage computer systems can cause lasting harm to anyone engaged in personal or commercial online transactions. Such risks are increasingly faced by businesses, consumers, and all other users of the Internet.

Incident Assistance:

A private sector entity that is the victim of a cyber incident and reports it can receive assistance from government agencies, which are prepared to investigate the incident, mitigate its consequences, and help prevent future incidents. For example, federal law enforcement agencies have highly trained investigators who specialize in responding to cyber incidents. Their express purpose is disrupting the threat actors who caused the incident and preventing harm to other potential victims.

In addition to law enforcement, other federal responders provide technical assistance to protect assets, mitigate vulnerabilities, and offer on-scene response personnel to aid in incident recovery.

We talk about incident response in the podcast and the book. It is our hope that this podcast provides something you may not have already thought about.


Predictive Analytics

Predictive analytics is the process of using data to forecast future outcomes. The process uses data analysis, machine learning, artificial intelligence, and statistical models to find patterns that might predict future behavior.

This podcast is all about predicting the future based on data. Finance organizations, for example, combine multiple analytics methods to improve pattern detection, identify criminal behavior, and prevent fraud. As cybersecurity becomes a growing concern, high-performance behavioral analytics examines all actions on a network in real time. These scans can spot abnormalities that may indicate fraud, zero-day vulnerabilities, and advanced persistent threats.

Many companies use predictive models to forecast inventory and manage resources. Airlines use predictive analytics to set ticket prices. Hotels try to predict the number of guests for any given night to maximize occupancy and increase revenue. Predictive analytics enables organizations to function more efficiently.

Financial Industry:

The financial industry, with huge amounts of data and money at stake, has long embraced predictive analytics. Predictive models are used to detect and reduce fraud, measure credit risk, maximize cross-sell/up-sell opportunities, and retain valuable customers. Commonwealth Bank uses analytics to predict the likelihood of fraud activity for any given transaction before it is authorized, within 40 milliseconds of the transaction initiation.

Model Types:

There are two types of predictive models. Classification models predict class membership. For instance, you try to classify whether someone is likely to leave, whether he will respond to a solicitation, whether he’s a good or bad credit risk, etc. Usually, the model results are in the form of 0 or 1, with 1 being the event you are targeting. Regression models predict a number. For example, how much revenue a customer will generate over the next year or the number of months before a component will fail on a machine.

Predictive analytics is the use of data, statistical algorithms, and machine learning techniques to identify the likelihood of future outcomes based on historical data. The goal is to go beyond knowing what has happened to provide a best assessment of what will happen in the future.

The book has an example of predicting login attempts from another country. We left the SSH daemon running, collected the attempts it logged, and were then able to block by IP address during a specific time of day. This was a simple case, but it is an example of implementing proactive measures based on collected data.
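As an added illustration of the experiment just described (this is not code from the book or the podcast), the script below parses constructed sshd log lines, counts failed logins per source address and hour of day, and turns the addresses that exceed a threshold inside an off-hours window into time-limited firewall rules. The window, the threshold, the sample addresses, and the nftables table and chain names are assumptions.

```python
"""Added example (not the book's or podcast's own code): a minimal version of
the SSH experiment above. Constructed sshd log lines are parsed, failed logins
are counted per source address and hour of day, and addresses exceeding a
threshold inside an off-hours window become block candidates. The window,
threshold, sample addresses, and nftables layout are assumptions."""
import re
from collections import Counter

# Constructed sample sshd lines in the usual syslog format; not real data.
SAMPLE_LOG = """\
Mar 10 02:13:01 host sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 02:13:04 host sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar 10 02:13:09 host sshd[2202]: Failed password for root from 203.0.113.7 port 51031 ssh2
Mar 10 02:15:12 host sshd[2210]: Failed password for invalid user test from 198.51.100.23 port 40011 ssh2
Mar 10 09:30:00 host sshd[2311]: Accepted publickey for alice from 192.0.2.10 port 50010 ssh2
Mar 10 09:31:15 host sshd[2312]: Failed password for alice from 192.0.2.10 port 50012 ssh2
Mar 10 09:31:20 host sshd[2312]: Accepted password for alice from 192.0.2.10 port 50012 ssh2
Mar 10 09:32:00 host sshd[2313]: Received disconnect from 192.0.2.10 port 50012:11: disconnected by user
"""

# Matches "Failed ... for" and "Accepted ... for" lines; other sshd messages
# (disconnects, session opens) do not match and are skipped.
LINE_RE = re.compile(
    r"^\w{3} +\d{1,2} (?P<hour>\d{2}):\d{2}:\d{2} \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?\S+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def failed_logins_by_ip_hour(log_text):
    """Count failed logins, keyed by (source_ip, hour_of_day)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("result") == "Failed":
            counts[(m.group("ip"), int(m.group("hour")))] += 1
    return counts


def block_candidates(log_text, window=(0, 6), threshold=3):
    """Addresses with at least `threshold` failures in hours [start, end).
    The default window (00:00-06:00) stands in for the off-hours period the
    book's experiment used; a legitimate user failing once at 09:31 is ignored.
    """
    start, end = window
    per_ip = Counter()
    for (ip, hour), n in failed_logins_by_ip_hour(log_text).items():
        if start <= hour < end:
            per_ip[ip] += n
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)


def render_nft_rules(ips, window=(0, 6)):
    """Render a time-limited nftables drop rule per address.

    Assumes an existing 'inet filter' table with an 'input' chain and an nft
    build that supports the 'meta hour' match; adjust to your ruleset.
    """
    start, end = window
    return [
        f'nft add rule inet filter input meta hour "{start:02d}:00"-"{end:02d}:00" '
        f"ip saddr {ip} drop"
        for ip in ips
    ]


if __name__ == "__main__":
    for rule in render_nft_rules(block_candidates(SAMPLE_LOG)):
        print(rule)
```

Run against a real auth log, the same functions would work on the output of `journalctl -u ssh` or `/var/log/auth.log`; the rules are printed rather than applied so they can be reviewed first.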


Network Management

Network management is the process of administering and managing computer networks. Services provided by this discipline include fault analysis, performance management, provisioning of networks and maintaining quality of service.

Network monitoring involves the sum of applications, tools and processes used to provision, operate, maintain, administer, and secure network infrastructure. The overarching role of network monitoring is ensuring network resources are securely available to users efficiently, effectively, and quickly.

Management:

Network management helps organizations gain greater visibility into their networks. This involves identifying the devices connected to the network, monitoring traffic and usage patterns, and identifying and diagnosing issues. This level of insight can help to optimize network performance and prevent disruptions. For example, the network performance management team might want to map network response times 24/7 to avoid impacting the end-user experience. If there is an anomaly, the network performance management team will work closely with the network fault management team.

Current State:

Today’s systems are network connected internally and externally. The challenge this poses is ensuring access is appropriate and identifying threats to the infrastructure. One could argue if the network is unavailable or has been compromised everything grinds to a halt. While this is true, if any or all other pillars are unavailable, you have the same sum-total of nothing.

A network is a collection of computers, servers, mainframes, network devices, peripherals, or other devices connected to allow data sharing. An example of a network is the Internet, which connects millions of people all over the world. For this reason, all podcasts and pillars give equal weight towards the importance of proper security.

A wireless network is a computer network that uses wireless data connections between network nodes. Wireless networking allows homes, telecommunications networks, and business installations to avoid the costly process of introducing cables into a building, or serves as a connection between various equipment locations. Wireless networks provide the biggest challenge for security personnel. Because wireless is more complex, the book discusses the challenges of securing it extensively.


Environment Monitoring

Environment monitoring enables you to centrally manage all devices in your data centers. It allows you to connect to, collect data from, and configure your devices via SNMP, HTTPS, and other protocols for IP-based networks, for starters.

Data center monitoring involves tracking key metrics in real time to monitor the status and health of a data center. The data collected is stored and visualized using Data Center Infrastructure Management (DCIM) software, allowing you to make data-driven decisions.

Security:

Security monitoring, sometimes referred to as "security information monitoring (SIM)" or "security event monitoring (SEM)," involves collecting and analyzing information to detect suspicious behavior or unauthorized system changes on your network, defining which types of behavior should trigger alerts, and acting on those events. Security monitoring is important because it helps you detect and defend against attacks.

You can monitor all aspects of a data center from network performance to energy consumption figures and more. The goal is to ensure that your data center is operating as efficiently as possible. Our book is about building and maintaining secure systems. This is a heavy lift which is why companies have dedicated staff for this pillar.

Hackers frequently use a variety of cybersecurity attacks to get through an organization’s network. Having cyber security monitoring in place is the only way to detect one or more attacks being used against your organization.

Incidents:

To monitor data security incidents, you need to collect and analyze data security logs: the records of the activities and events that occur on your network. Data security logs can provide you with valuable information about the source, nature, impact, and frequency of data security incidents. Improving the overall efficiency of your data center will enable you to get more out of existing assets and reduce overall operating costs. There are varying levels of environment monitoring, and we cover a small segment on the podcast.


Data Collection

Data collection, or data gathering, is the process of gathering and measuring information on targeted variables in an established system. Accurate collection enables one to answer relevant questions and evaluate outcomes. Regardless of the field, or of whether data is defined as quantitative or qualitative, accurate data is essential to maintain research integrity. The selection of appropriate collection instruments (existing, modified, or newly developed) and clearly delineated instructions for their correct use reduce the likelihood of errors.

A clearly defined communication structure is a precondition for establishing monitoring systems. Uncertainty about the flow of information must be avoided, as a poorly organized communication structure leads to lax monitoring, which will surely limit the opportunities for detecting errors. Quality control is also responsible for identifying the actions necessary for correcting faulty collection practices and minimizing such occurrences in the future. A team is less likely to realize the necessity of performing these actions if its procedures are written vaguely. These procedures should be based on feedback or education for accurate and timely results.

Methods:

Our data collection podcast walks you through methods, tips, and techniques for collecting and crunching small to large volumes of data. We also talk about the challenges of collecting and presenting high-speed, high-volume data in real time. Deciding what data to collect will change over time, and the podcast speaks to how not to get cornered when processing collected data.

Retention:

We also spend time talking about data retention. There are rules and regulations for retention, and that can become a problem when collecting massive amounts of data. This topic has infinite possibilities, so if you have questions after listening, we have done our job. Processes and procedures for collecting data will evolve organically. You should expect presentation methods to change as well to meet the future needs of the organization.


Applications Security

Application security is the process of developing, adding, and testing security features within applications. The purpose is to prevent security vulnerabilities and to protect against threats such as unauthorized access and modification. Web application security is a branch of information security that deals specifically with the security of websites, web applications, and web services. At a high level, web application security draws on the principles of application security and applies them specifically to the Internet and web systems.

Considerations:

When considering application security, you must consider all tasks that introduce a secure software development life cycle to development teams. Its final goal is to improve security practices and, through that, to find, fix and preferably prevent security issues within applications. Customers may become hesitant to give you sensitive information if your company does not have a robust system for cybersecurity. Knowing your commitment to application security puts your customers' worries at ease. Customers understand that you have thought of the right measures needed to protect their data.

Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer’s IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited. Procedures can entail things like an application security routine that includes protocols such as regular testing.

Cloud Computing:

Securing applications in the cloud poses some extra challenges. Because cloud environments provide shared resources, special care must be taken to ensure that users only have access to the data they are authorized to view in their cloud-based applications. Sensitive data is also more vulnerable in cloud-based applications because it is transmitted across the Internet from the user to the application and back.

This podcast will walk you through implementing and testing application security as presented in our book.
