SECTION 9 Cyber Security
Time to review the security of notion.so. They are responsible for protecting our data. We are responsible for putting it there. We need to make sure their security meats our requirements. If they don’t, we’ll have to look for a different solution.
We’re taking a step back and focusing on documentation. We spend a lot of time looking things up. Time that could have been spent learning new things. Better documentation means less time spent looking things up. To help fix this problem, we’re looking in
We signed up for the Purple Teaming class put on by Black Hills Information Security. It was a bit overwhelming, but we learned a lot.
We’re doing a quick review of the Verizon Data Breach report. We’ere also looking at Micosoft 365 options. We’d like to migrate to it if we can.
Black Hills has put out another amazing blog post. This one is titled “A Pentester’s Voyage - The First Few Hours”. We’re not pentesters, but we can learn a lot from the process.
We need to make sure our projects are useful. To help us do that, were mapping our projects to the Critical Security Controls. We’re also looking at the Black Hills presentation on How to Build a Home Lab. This is full of good information.
Its been an interesting week. Wireshark saved me at work. Wasn’t expecting that. I’ve been using the Security Onion training. Learning how to set it up and install test data. I’ve also realized that a security lab needs evil. How do you look for evil if y
Good news. Everything works! We still have to manage IP address, subnets, vlans, firewall rules and more. That hasn’t changed. What has changed is that it all works. Our hard work is paying off.
That’s right, we have a new VMware server. We also have a new set of problems. How do we manage VMware? How do we access it over a vpn connection? What Fortinet firewall rules do we need? What IP address do we need? What subnets do we need? We would lov
Time to document our Fortinet equipment and plan for our VMware server. Dorothy will do the documentation. She needs to see how the network was put together. Once some of that’s done, we can pick out a server. The sooner we get the server the better.