NCSAM – Post 0011: MFA ALL THE THINGS

In case you missed it, passwords suck. No really. https://blogs.serioustek.net/post/2019/10/23/ncsam-post-0010-lets-talk-about-passwords That being the case, one of the best ways to improve security is to use multi-factor authentication. Use MFA If you are not using multi-factor authentication (or don’t know what it is), stop reading this article RIGHT NOW and turn it on for any service that you can (or go read this NIST paper: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf ). Many web services like banking or healthcare should already … Read more…

NCSAM – Post 0010: Let’s Talk About Passwords

Yes, that password. You know, the one that you use on EVERY. SINGLE. LOGIN. But hey, it’s a really good password, you say. Psssst…it doesn’t matter. If you re-use even one password, you are twice as likely to have your account “hacked”, your identity stolen, or any number of bad things. Don’t believe me? Read this post: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Your-Pa-word-doesn-t-matter/ba-p/731984 Take note of the large chart and the column that says “User assists attacker by…” Notice how … Read more…

National Cybersecurity Awareness Month (NCSAM) – Post 0001: Taking a Step Back

Well, it’s that time again – you know, when you get tons of email from security vendors reminding you that your security sucks, no security is perfect, this bug, that vuln and blah blah blah. Let’s take a step back and get started the right way with a series of posts that address a few places where you can improve your day-to-day technology security. Risk No security is perfect, you are simply mitigating risk – … Read more…