Entries by Lawrence Strauss

A Few Minutes with Tom Barnes, Manager of Client Services

Tom Barnes was recently named Manager of Client Services. Tom joined Bryley Systems in 2020 as a Business Development Representative. Within a year he transitioned to a role as a Client Success Specialist where his success advocating for Bryley clients earned him favorable notice and his current role.

Tom has had a diverse career that has included software troubleshooting, RV sales and running his own business. He achieved a BS (Summa Cum Laude) in Psychology from UMass Amherst … [4 min. read]

Upgrade Windows Server 2012 and 2012 R2

Microsoft will stop patching and updating Windows Server 2012 and 2012 R2 on October 23, 2023. Running these server systems after that date exposes you to security and compliance risks. These Microsoft moves usually also mean the end-of-support for third-party applications built to integrate with these server products … [4 min. read]

Only two other cars had Positraction …

… and enough power to make these marks

–Mona Lisa Vito, My Cousin Vinny

MFA: Each Criterion Brings You Closer to the Truth

A Decatur, Illinois manufacturer that had been hit with ransomware in May, was in July sued by Travelers Insurance for having misrepresented the extent to which it was protected by MFA (multifactor authentication). Travelers said the manufacturer had violated the terms of its cyberinsurance policy. The parties came to an adjudicated agreement to nullify the policy; Travelers did not need to cover any of the ransomware losses. … [6 min. read]

Mixing Up Vulnerabilities and Risk

A bike is resting against a lamppost without being locked. Is the bike at risk of being stolen? To answer that question, you’d need to find out: Is the bike valuable? Is it in desirable condition? Who would want the bike? What’s the crime rate by the lamppost? Are people around? Is it daytime? Is there a security camera? Also, what effect would it have if someone were to take the bike?

An unlocked bike resting on a lamppost is not a risk, but, in the words of cybersecurity, it is a vulnerability that might be exploited … [5 min. read]

Zero Trust: Painful, Slow and Inevitable

Most corporate networks are structured the same way: highly reinforced perimeter, and highly vulnerable interior

“In the zero-trust model, every network and every user are considered hostile,” said Bryley engineer Myk Dinis. Windows 11 offers new ways of achieving zero trust, but Myk said, “baked into Windows is an easy-to-see instance of zero-trust. You have three default network security levels: private, work and public. Depending on which of those network types that you declare you’re in, right down the line it strengthens the firewall. So in a private network your firewall is going to be the least restrictive; it will allow the most access both ways. Work allows a little less access. And with public nothing’s allowed; everything has to be proven with certificates; public is built according to a zero-trust networking model …” [5 min. read]

Considering a Business Purchase or Merger?

Here’s Why a Tech Risk Assessment Should Come First

When looking to buy a business or merging with another business, part of the process should include doing due diligence – checking everything top-to-bottom about the other party’s business. Due diligence includes making sure the other business is operating within the law and the guidance of its industry’s regulatory bodies. And because of societal reliance on technology, due diligence ought also to mean scrutinizing the business’ IT practices … [5 min. read]

Embracing Compliance

Yes, Compliance Is Like Eating All Your Vegetables

Compliance is something someone else makes you do, AKA yuck.

Compliance is laws, regulations, contracts and insurance policy terms. And failure to adhere leads to penalties, lawsuits, investigations and the chance insurance won’t cover your claims. Yuck.

But Compliance Is Meant to Keep You from Being Easy Pickings to a Hacker

Think about it from the other point of view. By making nice with compliance (like eating your kale) you can avoid fines and penalties, improve operational safety, cut your risk of cyber-attack, improve public relations, prevent attrition of clients who will more and more need their suppliers to be compliant and, if needed, make sure liability insurance claims are paid. So really compliance is one of those business rarities that can demonstrate a measurable return-on-investment … [5 min. read]

Taking Cybersecurity Seriously Too Late

Is your IT staff usually prioritizing the problems of their co-workers: ‘my email doesn’t work,’ ‘I can’t print,’ ‘I lost a file?’ If so, by dealing with the urgent, they’ve traded away the time they’d spend doing the important, proactive work of IT – building and maintaining your secure network to advance your business’ goals … [6 min. read]

Twenty-Two Percent Have Suffered a Mobile Compromise

The Same Verizon Study Showed Fifty-Nine Percent of Businesses Have Sacrificed Security for Employees’ Flexibility – Going Mobile Has Increased Our Exposure

It used to be our precious assets were protected behind layers of security: Cash was in a steel safe, customer lists and bank records were in a locked filing cabinet and HR records were behind a locked HR office door.

Of course electronics revolutionized the workplace. Employees then used computers to navigate a digital file system which contained the business’ confidential info. The sensitive documents that were once tangible were now within the network for users to access. The data was protected by passwords and limited permissions. These were useful means when computing devices were stationary and did not leave the physical office. Yes, employees used to report to the office for work and only there and then be granted access to confidential information. It was rare for the data that companies prized to ever leave the premises.

And of course this is no longer true. Because of their convenience, mobile computing devices are part of most working environments … [7 min. read]