Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Thanks Ants posted:

But maybe it's time to just flag every external email with a massive "this was sent from outside the company" banner.

Just prefix the subject with "EXTERNAL". People will ignore it just as fast, but complain half as much.


Lord Dudeguy
Sep 17, 2006
[Insert good English here]
User is frustrated that she can't log into an iPhone app. She's getting locked out.

In one stream of words: "I know I'm typing my password in correctly. Don't patronize me. I don't need any help. Where are my glasses? I can't see what I'm typing. I hope nobody pulls me over when I drive home. Can you help me when I get home?"

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Thanks Ants posted:

I'm convinced the only way to have any hope of securing your data is to tag every external message with a huge warning, do whatever setting changes you need to make to prevent people from being able to connect third-party apps (that also grant API access) to their Office 365 accounts, enable two-factor authentication, and relentlessly hammer home the idea that you will never get asked to confirm your password by a website. Having a responsive support team when people have questions can't hurt either.

There's no effective way that I can see to filter this stuff out, especially when it's not even spoofing an email address but people don't look where a message has come from.

- Limit the number of users with e-mail access to the outside world. (Internal is OK.)
- Require VPN access for anyone who wants to get to company assets off site. Brownie points if all mobile devices are prohibited from accessing ANY unauthorized IP/domain/service, ever.
- Multi-factor authentication everywhere.
- E-mail security gateway with Anti-Phishing Sandbox, URL rewriting/removal, attachment stripping/sandboxing, context-sensitive DLP.
- Perimeter (and internal) firewalls with sandboxing, application control, content filtering, IPS/IDS, Geo-IP filtering, and context-sensitive DLP.
- Add subject and body flags to all e-mails from the outside.
- Constant training and re-training with simulated phishing attacks (KnowBe4, PhishMe) with HR buy-in for training enforcement.
- Have a support team (and an executive/senior management group) that understands that people are going to be pissed as all poo poo that you're not letting them access a secure message from their great-grandmother that they're sure is legit.

I've got almost all of these things implemented. People still click. They just don't care. It's not their gear.

There comes a point in the Sisyphean goal of "perfect security" when you realize that it's all gone adversarial and people are going to click just to spite your draconian rear end.

Then some other org in your vertical gets breached, the execs freak out, and you start pushing the boulder uphill again. :negative:
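The "prefix the subject / flag the body" control from the list above, as an added example that is not from the post or the thread: an Exchange Online mail flow rule that tags every message arriving from outside the tenant. It assumes an open ExchangeOnlineManagement session; the rule name and banner wording are placeholders.

```powershell
# Added example: tag inbound external mail with a subject prefix and a body banner.
# Assumes Connect-ExchangeOnline has already been run. Rule name and banner text
# are placeholders, not from the original post.

$bannerHtml = @"
<div style="background:#fff3cd;border:1px solid #ffc107;padding:6px;font-family:sans-serif">
<b>EXTERNAL:</b> This message came from outside the organization.
Do not click links or open attachments unless you recognize the sender.
</div>
"@

# FromScope/SentToScope limit the rule to external -> internal traffic, so
# internal and outbound mail is never tagged.
New-TransportRule -Name "Tag external mail" `
    -FromScope NotInOrganization `
    -SentToScope InOrganization `
    -PrependSubject "[EXTERNAL] " `
    -ApplyHtmlDisclaimerText $bannerHtml `
    -ApplyHtmlDisclaimerLocation Prepend `
    -ApplyHtmlDisclaimerFallbackAction Wrap `
    -ExceptIfSubjectContainsWords "[EXTERNAL]" `
    -Priority 0

# Confirm the rule is enabled and evaluated first.
Get-TransportRule -Identity "Tag external mail" |
    Format-List Name, State, Priority, FromScope, SentToScope, PrependSubject
```

The `-ExceptIfSubjectContainsWords` exception stops the prefix stacking up on every reply in a long thread, but it also means a message whose subject already carries the token is left untouched, so train people on the body banner rather than the subject text alone.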

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Sickening posted:

I was under the impression that VDI still sucks and might always suck.

VDI's ok as long as you know that anyone on VDI isn't a power user.

Sure beats "Bad hard drive? That sucks. You're without a PC for a week while we spin up a change control, order replacement parts, deploy an image, do inventory data work, get the ok from Info Sec to re-deploy, and pay our staff mileage and suffer time lost on important poo poo."

The number of rebuilds and re-entitlements we do per day easily makes up the yearly licensing costs (and reduced staff count).

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Data Graham posted:

VDI goons, is it normal / SOP to have it automatically reboot and respawn every 10 days or so?

The VM itself? We have ours either refresh on logoff, or reboot after 8 hrs of idle time after login.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Johnny Aztec posted:

I used to have that, but for some reason it stopped working with iOS?

It was so useful :(

iOS 12.1 here, working just fine.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

DigitalMocking posted:

oh no, he doesn't want to do the work.

He wants IT to deploy several dozen raspberry pi systems throughout our company all sending email when a rogue DHCP server gets plugged in by some dummy.

... or enable DHCP snooping on your switches with alarms?

e:f;b

Lord Dudeguy
Sep 17, 2006
[Insert good English here]
SfB Admin/Engi checking in.

Always use Polycom/BToE. Softphone purism is for VPNers at best.

:edit: The VVX-601s are fun with their gimmick touch screens and integrated bluetooth.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

minusX posted:

We're currently having a lot of fun where internally our O365 e-mail accounts can't e-mail our on-prem Exchange users. The other way around works, external also works.

Edit: Our exchange users didn't get their hair did.

Broken hybrid transport rule?

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

chin up everything sucks posted:

Today is the deadline ... Now I am making a list of people who have ignored our every communication... I can't wait for the screams.

This, but with our new MAM deployment. We gave everyone two months. Batch enrolled everyone with documentation, twice-a-week communications, videos, how-tos.

We're at month three now and we still have 10% of the users who haven't migrated. Those of the 10% that eventually switch (after not having e-mail for months wtf) are thrilled to tell me how much the old system was better (it wasn't) and they really wish they didn't have to do this (hence the old system was better).

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Arquinsiel posted:

CYA dictates you do the second anyway so you can point to it.

Then get reported for rudeness.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

nitrogen posted:

After working with banking software and banks, I now keep my savings under my mattress.

Welcome to the party, pal.

Financial IT Engineering is the art of deploying a secure, efficient infrastructure... in spite of the best efforts of Financial software developers.

“We don’t support virtualization”, indeed.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

RFC2324 posted:

Did something change? That's a change. It's really only complicated if you are trying to make production changes you shouldn't be.

Logging in and doing fact finding isn't a change. Adjusting a setting to see what happens, even if you change it back, is a change.

How do you keep 100% strict change controls while simultaneously being able to get work done? If every single change needs to be reviewed and improved, projects would take centuries to complete.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Thanks Ants posted:

Teams as a phone system is pretty poo poo but at least it doesn't try and drag extensions into the age of the softphone and IP voice. Seems like a hangover from the pre-IP days. If people need to be called direct then give them a direct number.

That's both my favorite and least favorite thing about Skype/Teams telephony. Teaching people to un-learn "phone = extension" is a huge hill to climb.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

devmd01 posted:

“It depends”

Have 2012 R2 ADFS? Hope you are moving the PDC role around to a different DC in case the updates hose the box and you can’t recover it. In that case, external auth for ADFS will stop because it only auths to the PDC role.

JFC are you serious? Christ, I’m glad we moved to Okta from ADFS.

Lord Dudeguy
Sep 17, 2006
[Insert good English here]
Outlook Quick Steps for all your "Open a ticket" and "Go away telemarketer" needs.


Lord Dudeguy
Sep 17, 2006
[Insert good English here]

my cat is norris posted:

You have this entire forum cheering for your success and wanting the best for you. I'm so sorry that you have to face this nightmare scenario, but I do hope it's resolved quickly.
