Properly configuring Google Meet

Every school district I talk to is struggling to rein in overly permissive conferencing software. We are trying to lock down the creative ways that students find to abuse them that adults never have because they tend to want to keep their jobs. Students have much more palatable consequences :p Chris Thomas did a great … Continue reading “Properly configuring Google Meet”

Talking to the Zoom API using PowerShell (or your favorite language)

This will be a quick post for folks who are finding out that Zoom has extremely limited capabilities to do things in bulk in the admin console. Want to delete 20 users? You’ll be clicking individually, then clicking dialogs that have fade in and fade out visual effects making it take 5 seconds or more … Continue reading “Talking to the Zoom API using PowerShell (or your favorite language)”

How Zoom failed to understand K-12 education

I know that Zoom has received a lot of criticism lately around their security and privacy failures. This has been a polarizing issue where those who love the platform are almost ignoring the issues while those who don’t like Zoom can’t seem to appreciate the things they do well. This post isn’t about those concerns … Continue reading “How Zoom failed to understand K-12 education”

Improving Windows Defender Update Efficacy

Today we’re going to talk about the best (and worst) methods for Windows Defender definition/intelligence updates and how to configure them. This post from SwiftOnSecurity got me thinking about the way we handle our fallback for definition/intelligence updates, and while I was originally planning on a broader coverage of things like exclusions and other policy … Continue reading “Improving Windows Defender Update Efficacy”

Assess your Active Directory before someone else does (BloodHound)

Hey all, back again with another AD assessment tool. Last week I talked about PingCastle which covers some areas that BloodHound does and some areas that it does not, so I’d highly recommend going through that one first, and then move to BloodHound to address escalation paths and things that may have been missed by … Continue reading “Assess your Active Directory before someone else does (BloodHound)”

Assess your Active Directory before someone else does (PingCastle)

Hey all, two of my favorite Active Directory auditing tools have been updated in the past couple of weeks – PingCastle and BloodHound! First up is PingCastle which is what I’ll cover today, and then I’ll try to cover BloodHound tomorrow. Both of these tools are used to audit AD and can give you some … Continue reading “Assess your Active Directory before someone else does (PingCastle)”

Using Shodan.io to protect your school district

A huge shout out to Eric Arline for raising awareness on this. I had heard Shodan provided free accounts to education, but I was always under the impression it was higher education only. Next thing I know, Harold Gale was nice enough to ask the following: So, let’s talk about Shodan Monitor If you aren’t … Continue reading “Using Shodan.io to protect your school district”

Using transport rules as a security tool (Part 3)

This is Part 3 of our series on using transport rules as a security tool. Each article will be linked in the table below as they are published: Part 1 – Setting up the mailbox; Part 2 – It’s all about those transport rules; Part 3 – Reducing the haystack (you are here); Part 4 – Alerting and … Continue reading “Using transport rules as a security tool (Part 3)”

Using transport rules as a security tool (Part 2)

This is Part 2 of our series on using transport rules as a security tool. Each article will be linked in the table below as they are published: Part 1 – Setting up the mailbox; Part 2 – It’s all about those transport rules (you are here); Part 3 – Reducing the haystack; Part 4 – Alerting and … Continue reading “Using transport rules as a security tool (Part 2)”

Using transport rules as a security tool (Part 1)

At a conference last May, I had an opportunity to facilitate a session focused around email security covering topics such as SPF/DKIM/DMARC/MTA-STS, spam/phishing filtering, message routing, archiving/holds, and more. During that session, I shared about the methodology I use to track current trends of spam and phishing attacks rather than relying on the native spam filtering in our email platforms…