Your cloud software solution should have an offline version for business continuity purposes

October 28, 2019October 10, 2019 ~ larshilse ~ Leave a comment

That an increasing amount of corporations were pressing users, and corporations to move to what is now known as the cloud. Back then the associated services were referred to as software as a service/ S a a S. Even 10 years ago this was not the most clever solution to vet your company's existence on. … Continue reading Your cloud software solution should have an offline version for business continuity purposes

Why a detailed network documentation is essential?

October 24, 2019October 10, 2019 ~ larshilse ~ Leave a comment

More often than not when I walk into a building I will see RJ-45 network outlets in the wild. Without having done exact calculations I was able to hook up my laptop to this outlet, and have full access to the network. This goes for supermarkets, public administration buildings, and even military installations. What’s particularly … Continue reading Why a detailed network documentation is essential?

Printers should be segregated from the rest of the network

October 23, 2019October 10, 2019 ~ larshilse ~ Leave a comment

When it comes to security risks for networks, hardly anyone will think of a printer as an existential threat to an organization. However, multiple cases proving that printers, and other IOT devices can act as Trojan horses have surfaced over the last couple of years. There are probably multiple reasons why this is happening, and … Continue reading Printers should be segregated from the rest of the network

Why you should isolate un-patchable, end-of-life software

October 17, 2019October 10, 2019 ~ larshilse ~ Leave a comment

And another blog post from the recent past I outlined why a patch policy and an update policy maybe critical for survival of an organization. On rare occasions, and actually more often than desirable critical software upon which the organization relies to operate cannot be updated or patched simply because this piece of software has … Continue reading Why you should isolate un-patchable, end-of-life software

What Active Directory backup do you pursue?

October 11, 2019October 10, 2019 ~ larshilse ~ Leave a comment

AD is a difficult thing to back up. An alternative strategy could be quite easy...

Application security is not necessarily necessary

June 12, 2019June 7, 2019 ~ larshilse ~ Leave a comment

Often times applications have reached end-of-life, or are no longer supported by the vendor. In this case organizations tend to weed out or replace such applications simply due to this fact. I was confronted with this organization while performing a due diligence for an investment company. The course after of the organization in question was … Continue reading Application security is not necessarily necessary

Visitors by appointment only… even tech workers, maintenance staff, cleaning staff, etc

June 11, 2019June 7, 2019 ~ larshilse ~ Leave a comment

Probably one of the most interesting incidents I have investigated was the theft of computers from a university. The perpetrator had done a good job scouting out the procedures of the organization, and through his reconnaissance put together a whole deal of information. He knew for instanceHe knew for instance that onHe knew for instance … Continue reading Visitors by appointment only… even tech workers, maintenance staff, cleaning staff, etc

Your email server should ensure encrypted communication and messaging only

June 10, 2019June 7, 2019 ~ larshilse ~ Leave a comment

As you can see this post was published in 2019. We’ve had pretty much everything about you go south. Probably the most revealing thing, and the only one in years that led to some kind of reaction, where the Snowden revelations. No, one of the main issues is that even after such a major incident, … Continue reading Your email server should ensure encrypted communication and messaging only

Emergency WAN connectivity to ensure business continuity

June 7, 2019June 7, 2019 ~ larshilse ~ Leave a comment

Probably The coolest thing in cyber security is that you constantly learn. On a conference I was speaking up I was asked by an attendee in my audience, and after my talk whether I could answer him a very confidential question. Turns out the guy was the CISO Of an oil and gas company, and … Continue reading Emergency WAN connectivity to ensure business continuity

Is your cloud service provider contactable in case of crisis?

May 30, 2019May 28, 2019 ~ larshilse ~ Leave a comment

Probably one of the most interesting questions to ask when reviewing a cyber crisis reaction document is the phone number of the cloud hosting platform that is chosen to be the one to store the back ups of all critical systems of an organization. Chances are that the survival of your company relies on this … Continue reading Is your cloud service provider contactable in case of crisis?

Why you need on-location and co-location backups and why they should be encrypted

May 29, 2019May 28, 2019 ~ larshilse ~ Leave a comment

I hope I will be stating the obvious in this post; but I have seen so many things going wrong that I will risk repeating myself! On location back ups are totally cool! They are directly connected to your ethernet, have blazing accessibility rate, superb file transfer speeds, and a variety of other bills and … Continue reading Why you need on-location and co-location backups and why they should be encrypted

Why you need a patch and update policy, and protocol

May 28, 2019May 28, 2019 ~ larshilse ~ Leave a comment

Here is an example of why it's a pretty good idea to have an update policy in place...