1. OCAU Merchandise now available! Check out our 20th Anniversary Mugs, Classic Logo Shirts and much more! Discussion here.
    Dismiss Notice

General InfoSec discussion

Discussion in 'Business & Enterprise Computing' started by Gunna, Nov 18, 2019.

  1. 2SHY

    2SHY Member

    Joined:
    Aug 10, 2010
    Messages:
    7,707
    Location:
    Sydney NSW Australia
  2. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,016
    Location:
    Brisbane
    freaky_beeky likes this.
  3. OP
    OP
    Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,624
    Location:
    Brisbane
  4. wintermute000

    wintermute000 Member

    Joined:
    Jan 23, 2011
    Messages:
    2,295
    (Proceeds to block 445 as instructed)
     
    richard0296 likes this.
  5. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,738
    Location:
    3350
  6. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,016
    Location:
    Brisbane
    Pretty highly unlikely to hit orgs, very few places are rolling 1903 and 1909
     
  7. OP
    OP
    Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,624
    Location:
    Brisbane
    1000 devices in our org.

    1809 goes EoL in May
     
  8. chip

    chip Member

    Joined:
    Dec 24, 2001
    Messages:
    3,848
    Location:
    Pooraka Maccas drivethrough
    upgrade to Enterprise!
     
  9. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    759
    Location:
    ork.sg
    I like how InfoSec discussion has devolved to security patches and compromises :)
    Disappointment we haven't mentioned firewalls for a while though.
     
    elvis likes this.
  10. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,920
    I don't need to patch, I've got a security appliance

    [​IMG]
     
    yoink likes this.
  11. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,016
    Location:
    Brisbane
    It's amusing seeing how rapidly patching processes go to shit when people need to meet level 3 of essential eight. Other fun one recently was an org wanting a small subset of whitelisted machines for high risk users, okay whatever, but the number of business processes that broke when those high value users could only use specific machine was incredible. Showed a lot of cruft. Also possibly one illegal practice :lol:
     
  12. 2SHY

    2SHY Member

    Joined:
    Aug 10, 2010
    Messages:
    7,707
    Location:
    Sydney NSW Australia
  13. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,920
    All the quick shit people are doing now in response to Covid19, is going to have a long tail when it comes to Infosec.
     
    Gargamel and Gunna like this.
  14. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,016
    Location:
    Brisbane
    Yup yup, I'm already working with mobs to help them limit the potential risk already.

    Done a number of tests in the past with a line saying 'well this is possible but no account we configured had remote access so we couldn't explore the impact of this' which probably have a new risk rating now :)
     
  15. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,030
    Location:
    Brisbane
    Indeed it will, but they should have had proper BCP in place before now.

    I don't blame the hasty reaction to keeping businesses running and keeping people employed. I blame the inaction over a decade to this point.

    Proper Planning Prevents Piss Poor Performance.
     
  16. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,920
    No plan of operations extends with any certainty beyond the first contact with the main hostile force.

    Lotsa places finding that out right about now. Even places that have sunk time and money into BCP.
     
  17. wintermute000

    wintermute000 Member

    Joined:
    Jan 23, 2011
    Messages:
    2,295
    More guaranteed employment, yay
     
  18. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,030
    Location:
    Brisbane
    I'm not sure why strange war analogies are in place, but all my BCP conversations with business owners start with the question "your building has vanished - how do you keep business going for the next month? The next 6 months?". That then leads into a comprehensive discussion on work-from-home/remote solutions.

    If somewhere has sunk "time and money into BCP", and they don't have secure methods to keep work going remotely in the current climate, they did their BCP wrong.

    None of this stuff has to be expensive. If it's costing you 100% extra, you're also doing it wrong. This stuff should be used in production and tested every day with staff voluntarily working from home. If it only gets tested once a year (or never), you're doing it wrong.

    Likewise, plenty of places proudly hold their DR plans lofty, forgetting that DR is about getting things back to normal after the shit goes down, rather than working through the shit while its happening.
     
  19. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,920
  20. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,920
    Ours started in the same spot, but instead, everyone's building has vanished, and the systems you relied upon to provide connectivity for remote solutions aren't keeping up with demand. I don't know what your plans look like, but mine don't mention "Use IP Over Avian because NBN is shit"
     

Share This Page

Advertisement: