MyStaff – Simplified Administrative Password Reset

I am really excited to share this solution! We have had an internal password reset portal that was designed a decade ago, doesn’t scale, can’t be easily accessed, is not mobile friendly, and doesn’t natively support MFA. As we started school this year, thousands of students needed passwords reset, and our existing solution did not … Continue reading “MyStaff – Simplified Administrative Password Reset”

Properly configuring Google Meet

Every school district I talk to is struggling to reign in overly permissive conferencing software. We are trying to lock down the creative ways that students find to abuse them that adults never have because they tend to want to keep their jobs. Students have much more palatable consequences :p Chris Thomas did a great … Continue reading “Properly configuring Google Meet”

Talking to the Zoom API using Powershell (or your favorite language)

This will be a quick post for folks who are finding out that Zoom has extremely limited capabilities to do things in bulk in the admin console. Want to delete 20 users? You’ll be clicking individually, then clicking dialogs that have fade in and fade out visual effects making it take 5 seconds or more … Continue reading “Talking to the Zoom API using Powershell (or your favorite language)”

How Zoom failed to understand K-12 education

I know that Zoom has received a lot of criticism lately around their security and privacy failures. This has been a polarizing issue where those who love the platform are almost ignoring the issues while those who don’t like Zoom can’t seem to appreciate the things they do well. This post isn’t about those concerns … Continue reading “How Zoom failed to understand K-12 education”

Improving Windows Defender Update Efficacy

Today we’re going to talk about the best (and worst) methods for Windows Defender definition/intelligence updates and how to configure them. This post from SwiftOnSecurity got me thinking about the way we handle our fallback for definition/intelligence updates, and while I was originally planning on a broader coverage of things like exclusions and other policy … Continue reading “Improving Windows Defender Update Efficacy”

Assess your Active Directory before someone else does (BloodHound)

Hey all, back again with another AD assessment tool. Last week I talked about PingCastle which covers some areas that Bloodhound does and some areas that it does not, so I’d highly recommend going through that one first, and then move to Bloodhound to address escalation paths and things that may have been missed by … Continue reading “Assess your Active Directory before someone else does (BloodHound)”

Assess your Active Directory before someone else does (PingCastle)

Hey all, two of my favorite Active Directory auditing tools have been updated in the past couple of weeks – PingCastle and BloodHound! First up is PingCastle which is what I’ll cover today, and then I’ll try to cover BloodHound tomorrow. Both of these tools are used to audit AD and can give you some … Continue reading “Assess your Active Directory before someone else does (PingCastle)”

Using Shodan.io to protect your school district

A huge shout out to Eric Arline for raising awareness on this. I had heard Shodan provided free accounts to education, but I was always under the impression it was higher education only. Next thing I know, Harold Gale was nice enough to ask the following: So, let’s talk about Shodan Monitor If you aren’t … Continue reading “Using Shodan.io to protect your school district”

Using transport rules as a security tool (Part 3)

This is Part 3 of our series on using transport rules as a security tool. Previous articles are linked in the table below: Part 1 – Setting up the mailboxPart 2 – It’s all about those transport rulesPart 3 – Reducing the haystack (you are here) Refining transport rules Hopefully you aren’t like me with … Continue reading “Using transport rules as a security tool (Part 3)”

Using transport rules as a security tool (Part 2)

This is Part 2 of our series on using transport rules as a security tool. Each article will be linked in the table below as they are published: Part 1 – Setting up the mailboxPart 2 – It’s all about those transport rules (you are here)Part 3 – Reducing the haystack Spam / Phishing Campaigns … Continue reading “Using transport rules as a security tool (Part 2)”