Creating a Tagging Strategy for Azure

Azure has many controls out of the box that help tailor the experience to an organization on Azure. Such controls include Azure Management Groups for organizing subscriptions, Azure AD with Role-Based Access Control (RBAC) to manage access to Azure resources, Subscriptions and Resource Groups for organizing resources, and Azure Policy to enforce compliance and augment…

Security Best Practices for Docker Images

Docker Hub is a blessing and a curse at times. It’s a great way to share Docker images to the public, but it can be used by hackers to sneak code into environments with malicious intent. Recently, a hacker uploaded images into Docker Hub that were downloaded over 5,000,000 times. The intent was to turn…

Using Rclone with Azure for a Low-cost Backup

While backups are often one of the most overlooked planks in a comprehensive data security plan, they are probably among the most important things one can do for data security. It works as an insurance policy against data loss which can be caused by a myriad of things ranging from accidental deletion, to drive…

Using OpenVPN on Azure For a Low Cost, Private VPN

A personal VPN is a nice way of securing traffic between your device and the Internet. Securing your traffic is good for several reasons including safe browsing when one is away from a trusted network like one’s home or office. Untrusted networks would be those at coffee shops, airports, hotels, public libraries, and other places…

How a Single-Character Coding Error Led to a Major Data Leak

If you don’t follow the tech Twitter-verse as obsessively as we do, you may not be aware that a major data breach at Cloudflare has put user passwords, messages and other information at risk all over the internet. Cloudflare provides web security and performance services for companies like Uber and OkCupid, among many, many others.…

Java Security Updates May Not Actually Be Secure

With Java SE reportedly installed on 850 million PCs, the “Java Update Available” popup has become a well-known nuisance. But keeping software up-to-date is supposed to help protect us. According to the FTC, Java updates might be an exception to that rule. The key issue is that Java updates have not always removed older…

Microsoft Releases Azure Active Directory Domain Services

Microsoft has released a public preview for their new Azure Active Directory Domain Services feature in Azure Active Directory. This feature allows you to establish virtual network domains in Azure. Azure AD Domain Services is an entirely new concept. It’s a cloud-based service which gives you a fully Windows Server Active Directory compatible set…

6 Things You Should Know About SQL Server 2016 Always On Encryption

The upcoming SQL Server 2016 release promises many new features including a “Stretch” feature which allows you to automatically archive older data to the cloud, enhanced in-memory OLTP functionality, and several new enhancements in security. One of the most interesting new security features is Always On Encryption. Here are 6 things you should know about this…

OAuth 2.0 Part 2 – The Four Party Diagram

Understanding the Four Party Diagram: In the last post, we made it through defining the four roles represented in the four party diagram. Now we’re going to dig into the arrows that represent information flowing between the parties. Authorization Request: This is conceptually straightforward. The client needs to ask the resource owner for permission to…

Which Mobile OS Do You Trust?

With recent revelations from the RSA Security Conference highlighting gaping security holes in iOS8 as well as pointing out that many Android apps don’t perform proper SSL validation, one has to wonder whether their mobile data is safe anywhere. Amit Yoran, President of the RSA, kicked off their company’s annual conference with a scathing commentary on…