background preloader

ITIL and Infosec Best Practices

Facebook Twitter

Report: Scripting languages most vulnerable, mobile apps need better crypto. According to an analysis of over 200,000 applications, PHP is the programming language with the most vulnerabilities, mobile apps suffer from cryptography problems, and developers are more likely to fix errors found with static instead of dynamic analysis.

Report: Scripting languages most vulnerable, mobile apps need better crypto

Information Engineering.

IPS

Monitoring Active Directory for Signs of Compromise. Auditpol.exe can be used to save and restore a local audit policy, and to view other auditing related commands.

Monitoring Active Directory for Signs of Compromise

Here are the other auditpol commands. auditpol /clear - Used to clear and reset local audit policies auditpol /backup /file:<filename> - Used to back up a current local audit policy to a binary file auditpol /restore /file:<filename> - Used to import a previously saved audit policy file to a local audit policy auditpol /<get/set> /option:<CrashOnAuditFail> /<enable/disable> - If this audit policy setting is enabled, it causes the system to immediately stop (with STOP: C0000244 {Audit Failed} message) if a security audit cannot be logged for any reason.

Linkedin. Last month, I reported on the launch of the second edition of “Office 365 for Exchange Professionals” at the IT/DEV Connections conference in Las Vegas.

linkedin

Subsequently, we made the Kindle edition available on Amazon after the usual struggle with the transformation of Word (2016) documents to EPUB format and hence to Kindle. In fact, since we released the original version of the second edition, we have used the flexibility inherent in eBook publishing to refresh the text several times, most notably after the release of Exchange 2016. This is something you just can’t do with traditional publishing models and it helps us keep the text fresh, accurate, and up-to-date. Given that Office 365 changes all the time (today’s news is that the Office 365 Groups document library feature has received the user interface makeover previously given to OneDrive), being able to push out updated books is a very good thing. It is also true that more and more non-Exchange material is being included in the book. Linkedin. Understanding what the Exchange 2016 Preferred Architecture really means. The notion of “best practice” has long been an elastic commodity when applied to Exchange architecture and design.

Understanding what the Exchange 2016 Preferred Architecture really means

Consultants and consulting companies have professed to have their own magic method to ensure the successful deployment of Exchange since the first version appeared nearly twenty years ago. There’s nothing harmful in following a successful recipe. Microsoft AGPM - Group Policy Management. 10 Habits IT Administrators Should Avoid. Most experienced system administrators have inherited an IT infrastructure at least once and have been unsatisfied with the work of a predecessor.

10 Habits IT Administrators Should Avoid

The complete revision of the entire infrastructure is a painful and costly process, but may be inevitable to reclaim control, minimize the risk of system downtime, check and update internal workflows or even get rid of processes that might increase the risks of security violations. Even experienced professionals can fall into bad habits that affect performance and put the IT infrastructure at risk. Information Architecture. Information management and policy. Monitoring & Management. Security. MDT (Microsoft Deployment Toolkit) .Windows.

10 principles of effective information management. Written by James Robertson, published November 1st, 2005 Categorised under: articles, information management Improving information management practices is a key focus for many organisations, across both the public and private sectors. This is being driven by a range of factors, including a need to improve the efficiency of business processes, the demands of compliance regulations and the desire to deliver new services. In many cases, ‘information management’ has meant deploying new technology solutions, such as content or document management systems, data warehousing or portal applications. These projects have a poor track record of success, and most organisations are still struggling to deliver an integrated information management environment. Effective information management is not easy. This article draws together a number of ‘critical success factors’ for information management projects.

An introduction to the concepts of Enterprise Architecture. What is proof of concept (POC)? - Definition from WhatIs.com. Proof of concept (POC) is documented evidence that a potential product or service can be successful.

What is proof of concept (POC)? - Definition from WhatIs.com

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. 4 Keys To A Data Security Strategy. Organizations must prepare for the inevitable security breach and focus on protecting sensitive corporate data.

4 Keys To A Data Security Strategy

Here are some ideas to build on. If you’re an IT pro, protecting your company’s security may have recently become part of your job description. This probably didn’t come as a surprise -- more than 40% of companies suffered a breach last year, according to the Ponemon Institute. WDK and WinDbg downloads - Windows Hardware Dev Center. Get the WDK and other kits and tools for Windows 10 Get the latest kits and tools for Windows 10 hardware development, including Visual Studio Community 2015 and Windows Driver Kit (WDK) 10.

WDK and WinDbg downloads - Windows Hardware Dev Center

This release of Visual Studio includes the Visual Studio Tools for Windows 10 and the Windows SDK for Windows 10. You’ll also find the new debugging tools, symbols, and deployment and performance tools for Windows 10. Visual Studio 2013 Start by downloading Visual Studio 2013. Driver samples Code samples are valuable guides whether you're writing your first driver or updating an older one. Hardware Feature Compatibility. Device Drivers and Deployment Overview.

Group Policy for Beginners. If you are an IT pro who has never used Group Policy to control computer configurations, this white paper is for you.

Group Policy for Beginners

Group Policy is the essential way that most organizations enforce settings on their computers. It is flexible enough for even the most complex scenarios; however, the essential features are easy to use in simple scenarios, which are more common. Group Policy. Windows Performance - Hardware Compat, Device, Driver. Find resources and tools to help you install and manage devices, troubleshoot hardware compatibility issues, and monitor and improve performance in your Windows client environment.

Windows Performance - Hardware Compat, Device, Driver

Springboard Series Spotlight Consumerization of IT: Frequently Asked QuestionsGet answers to common questions about the growing consumerization trend and get recommendations on how to approach the management of user-selected devices, applications, and services within your desktop environment. Syswow64 blog: Windows 7 Offline files will not go Online when connected to network. Issue Several laptop users move between networks, domain, home, etc and when they attempt to access DFS shares explorer status is working offline.

The issue only resolves it self after a reboot. Connecting directly to the share works and i am able to ping network resources. Group Policy Planning and Deployment Guide. By default, a GPO affects all users and computers contained in the linked site, domain, or OU. However, you can use security filtering on a GPO to modify its effect to apply only to a specific user, members of an Active Directory security group, or computer by modifying the permissions on the GPO. By combining security filtering with appropriate placement in OUs, you can target any given set of users or computers. In order for a GPO to apply to a given user, security group, or computer, the user, group, or computer must have both Read and Apply Group Policy permissions on the GPO.

By default, Authenticated Users have both the Read and Apply Group Policy permissions set to Allow. Both of these permissions are managed together as a single unit by using security filtering in the GPMC. Timekeeping best practices for Windows, including NTP. Timekeeping best practices for Windows, including NTP. .@snowden OPSEC guide: - use Signal - use Tor - use full disk encryption - use a password manager - use two factor auth Solid basics.