paulgorman.org


Fri May 12 06:00:01 EDT 2023
========================================

Slept from eleven-thirty to seven-thirty without waking.

Partly cloudy early in the morning, then becoming cloudy. A slight chance of showers in the afternoon. Highs around 80. Southeast winds up to 5 mph. Chance of rain 20 percent.

# Work

* 11:30 AM - 12:00 PM Monthly ELMS briefing for CTO
* 02:30 PM - 03:15 PM Box migration with Laura Hill

Initial thoughts about Cynerge security.

What is Cynerge's risk tolerance? What would be the most painful or worst case? What are Cynerge's vital spots? How much inconvenience or expense will Cynerge tolerate to improve security?

Threat: phishing/fraud/social engineering.
Mitigation: user training (test email campaigns?).

Threat: ransomware or malicious activity (including insider threat).
Mitigation: 1. limit file permissions to those necessary, deny by default; 2. backups with controlled access, preferably offline and long-term.

Threat: device loss/theft.
Mitigation: drive encryption.

Threat: password compromise or weak passwords.
Mitigation: MFA.

Threat: compromise of customer data.
Mitigation: 1. aggressive security patching; 2. cyber insurance; 3. write and enforce/audit policies that make sure we're not doing anything bone-headed like storing unhashed/unsalted customer passwords.

Threat: user/device non-compliance (not installing security updates, not encrypting drive, etc.)
Mitigation: device management like Intune (this may be more overhead than Cynerge wants to deal with).

Threat: former users/accounts (malicious or simply stale/forgotten accounts)
Mitigation: Document add-user tickets and refer to them when completing drop-user tickets. Ideally, also document user modifications (like new accounts and privilege increases) and have a ticket system that makes it easy to find those mods when dropping the user.

Threat: compromise of admin accounts
Mitigation: 1. don't share any one admin account/login with more than one human user; 2. give users the minimum privileges they need to do their work (generally, but especially for accounts with elevated permissions).

# Home

* [ ] -------------- 06:00 PM D&D (TENTATIVE) --------------
* [ ] AWS study
* [ ] schedule AWS cert exam
* [ ] play with text-based (Gemini?) D&D hex thing
* [ ] work on CC 0e D&D reference rules
* [ ] spell list (old to new)
* [ ] monster list (old to new)
* [ ] magic item list (old to new)
* [ ] schedule dentist appointment
* [ ] PenFed
* [ ] transfer funds from old savings account (http://www.citizensbank.com/HSBC)
* [ ] get backup credit card
* [ ] money market?
* [ ] schedule optometrist appointment
* [ ] play with Go web base

Read more of How to Sell a Haunted House. Starting to get good.

Washed laundry.

https://www.metafilter.com/199261/Now-Chess-It-has-three-parts-Do-you-know-what-they-are

Servings: grains 1/6, fruit 0/4, vegetables 2/4, dairy 2/2, meat 2/3, nuts 0/0.5

Brunch: soup
Lunch: cucumber, egg, toast
Afternoon snack: coffee
Dinner:
