Nick

@nick@shore.me.uk

Mostly Retired. Consultant. Ex Managing Director. Ex CTO.

Mikrotik, DNS, Routing, IPv6
Live Sound Engineer. Cornet Player

Based in Debenham, Suffolk UK


Nick »
@nick@shore.me.uk

@interpipes@thx.gg @neil@mastodon.neilzone.co.uk somehow there is a bit of security architecture missing, a lack of controls between systems. Breaking into one should not allow unfettered access to others, and backups should be stored in a highly controlled place. I suspect they just throw it all in the cloud, and don't consider the data flows between cloud hosted components.

    Interpipes 💙 »
    @interpipes@thx.gg

    @nick @neil it’s usually much more stupid than this

    Put things on the internet

    Sack (sorry… “rightsize”) any in house expertise

    Award ongoing management to cheapest bidder, who either don’t get told to do a full audit or get told it’s too expensive and that the documentation is “definitely up to date”

    Don’t update things facing the Internet fast enough (or at all)

    Get pwned

    Make shocked pikachu face and ask for government help, I guess

      Nick »
      @nick@shore.me.uk

      @interpipes@thx.gg @neil@mastodon.neilzone.co.uk agree but fundamentally they don't separate stuff facing the internet from other things. They also forget that PCs on the 'inside' are the attack vector, so trust everything on the LAN. Also how many firewalls ever have egress rules? So many things, and you are right it comes down to the cost of knowing the right thing.

        Nick »
        @nick@shore.me.uk

        @nick@shore.me.uk @interpipes@thx.gg @neil@mastodon.neilzone.co.uk I would love to do consultancy on this stuff but typically they wouldn't be prepared to spend any money!
