Is Whitelisting a Good Security Practice?

Whitelisting has been for sure a relatively standard and sometimes as a hardening security measure but it depends how we implement and maintain it and where it is initially enforced.  Whitelisting could be against you if setup at the wrong spot or with inadequate supportive elements. I highly recommend whitelisting behavior rather than whitelisting elements […]

Vendor Risk Assessment: Hassle or Blessing?!

A Security Questionnaire, RFI, VRA (Vendor Risk Assessment), VR Management…helps customers identify and evaluate the risks of using a vendor’s product or service. Performing such a review is sometimes mandatory based on the industry (e.g. healthcare). During this standard business process, customer collects written information about security capabilities of a supplier and you could barely […]

One Strategy to Win the Cyber-security Battle: Change the Focus!

Sales pitch force us to worry about things that are not so important; Change your mindset to win the battle!   “Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing […]

Tools vs. Techniques

Operations fail by focusing on tool rather than technique! In context of information technology, with all primary operations like Systems administration, Patching and updating, Backup and replication, Malware protection…and all related sub-tasks, focus on Tools is an enemy of the process! Defining, developing or choosing a technique in advance is crucial to an IT operation. […]

Good IT Exercises: Documentation!

Everybody’s talking about importance of physical exercise and routine workouts these days, and of course that’s the result of 21st century life-style which is forced through technology but how about some technology exercises and routine practices which can help reduce the pressure on tech staff workload and leads us to a healthier IT environment? Documentation […]

Naturally Secure Windows Machine

How to utilize native Windows security features to get beyond all the tools in the market?! Most of the times ‘extra tools’ are just for doing things in a different way, perhaps more convenient, but not necessary in a better way, or more effective, cheaper or faster way and Windows is not an exception. Speaking […]

Five signs IT is overwhelmed with operations

There are signs before your IT department faces a disaster or worse, jeopardize your business by affecting tech operations in different departments. Those are signs of an overwhelmed IT so let’s take a look at common signs and symptoms: 1) Lack of resourcesWhenever your IT staff are always talking about lack of resources be aware […]