Insight Blog

AWS Control Tower Blog Image

11 Jan: AWS Control Tower & Customization for Terraform

Much has been said and written about the cloud and the benefits it offers. However, with all these benefits, there are challenges with respect to faster cloud adoption, compliance, and security of the overall environment. Every organization that wants to migrate or implement workloads in the cloud has different needs and priorities, which means there’s no one way for adopting cloud best practices. However, a well-designed and documented execution of the AWS Control Tower is one of the recommended approaches.

DL Cyber Blog FI

22 Dec: Dedicated State and Local Government Cyber Grants Are Coming

State and local governments will be receiving dedicated cyber grants for the first time in 2022, now that the new bipartisan legislation has passed. While previous federal programs offered the potential for grants for cybersecurity projects in state and local governments through the Cybersecurity and Infrastructure Agency (CISA), these grants were not previously dedicated (required) to improving cybersecurity.

MDR Blog Image JF

17 Dec: Attention: The Third Phase in Managed Security Services is Here

Unlike legacy security solutions that alerted after nearly every log event, today’s MDR services can detect—and resolve—many security issues with minimal disruption. A few years ago, identity theft protection company LifeLock aired a commercial that humorously contrasted its competitors’ security monitoring services with its proactive services.

Log4j Breach Blog

15 Dec: Investigating and Mitigating Log4j/Log4Shell Vulnerability

On Dec. 9, 2021, a remote code execution (RCE) vulnerability in the popular Java-based logging package Log4j was disclosed.  Submitting a specially crafted request to a vulnerable system allows an attacker to download and execute a malicious payload to perform additional functions such as data exfiltration, diverting funds, performing surveillance, or disrupting service.  What many experts fear now is that the bug could be used to encrypt data and due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched.  Scanning activity for CVE-2021-44228 has actively begun on the internet with the intent of seeking out and exploiting unpatched systems.  Apache Log4j versions <= 2.15.0 rc1 are vulnerable. 

Rob Kim Secure Everything

08 Dec: 3 Essential Capabilities to Secure Everything

Innovation and top-line growth are consistently two of the top three key priorities for business executives. Security is always sandwiched right in between these goals, as the threat landscape and perimeter constantly evolves – and never for the better. The digital paradox holds that the same technologies that allow us to innovate and grow give sophisticated intruders the same tools to innovate their method of attack. Just like a chain is only as good as its weakest link, the same goes for our approach to security. It doesn’t matter where in your IT environment a breach occurs; in the end, everything gets affected.

Intel Optane 3 Blog Image

01 Dec: Base your server refresh strategy on 3rd Gen Intel® Xeon® Scalable CPUs and Intel® Optane™ PMem

It’s a common occurrence in many data centers: systems are running at peak capacity, workload demands are increasing, and it’s time to plan for the next server refresh cycle. But all too often, organizations take the path of least resistance and simply augment existing server resources with more of the same – a “go with what you know” approach.

Cyber Month Recap Blog Tile

29 Nov: Recap: Cybersecurity Awareness Month 2021

Presidio celebrates Cybersecurity Awareness 24x7x365, but we especially love Cybersecurity in October. Cybersecurity & Infrastructure Security Agency (CISA) just closed out its 18th year deeming October as the month to bring awareness to the importance of cybersecurity. 18 years ago, the internet was in its infancy. Now, it is a part of everyday life.

RTB Feaatured Image_

11 Nov: Why Resource Tagging Is Important in AWS Cloud?

Have you ever been worried about organizing and effective management of your 1000s of AWS resources? Have you ever been surprised with higher AWS bills with no detail of underlying services? Then AWS Tags is your friend, it can help you by assigning your custom metadata and enables you to categorize your AWS resources by filtering your metadata. It can help you in the identification of resources, budget planning and several more. This article is based on our collective experience with various clients and briefly talks about some of the best practices for AWS Tagging, strategies, and tools for effective governance.

Rob Kim Transform to Digital Blog FI 2

09 Nov: Why Data is Critical to ‘Transform to Digital’

The worst kept secret in the business world is the rapid disruption of traditional workplace and workforce norms, accelerated of course by the ongoing pandemic. There is no shortage of blog posts and think pieces written that compel organizations to digitally transform their business and operations to keep pace. Yes, technology is emerging as a true business partner, as executives across sales, finance, marketing, and other departments lean on their IT counterparts to innovate. Most organizations are even embracing a software engineering mindset, as containers and low-code options are democratizing the development space.

Security Gartner Blog FI

03 Nov: Pivoting Cybersecurity: Going on the Offensive

It has been about 5 years since WannaCry and NotPetya hit companies worldwide in full force, launching a new era of cybercrime. Now, there’s a new report of a ransomware attack weekly. Although this may seem scary, we know more now than we ever have. With each attack, we can see and ultimately learn from which vulnerabilities were exploited. We cannot prevent the inevitable, but we can prepare and minimize the effects. There is a famous quote by author Zig Zigler “Success occurs when opportunity meets preparation.” While a ransomware attack is not an opportunity to look forward to, it is important to be prepared.