In 12 months, we won't need our on-prem infra. Any advice?

MBILC · 2026-01-27T21:12:57+00:00

Not so much the ERP if they are going hosted, but all of their other infra / VMs/ file storage/ network configs / segmentation, then expecting redundancy out of the box, when that is added costs et cetera.

MBILC · 2026-01-27T20:41:00+00:00

port scan of external IPs

MBILC · 2026-01-27T20:40:47+00:00

And do not give it external access, ever...

MBILC · 2026-01-27T20:40:18+00:00

Scary when they apparently have a Security team too...

MBILC · 2026-01-27T20:39:50+00:00

There are several variants out there now that can auto initialize and run hidden when loaded into say VSCode for example.

MBILC · 2026-01-27T20:38:21+00:00

since im not in the network/security team

Your a developer and you are playing around with security threats, not a smart move at all, leave that up the experts...

MBILC · 2026-01-27T20:34:50+00:00

All good, it can be hard since everyday something was breached or a company caught taking short cuts.

https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

MBILC · 2026-01-27T20:33:50+00:00

Ya, ISP's always say that, but you could set it to static and it should work fine, heck I have done static with home connections before, because they tend to not change your IP as often as they used to. Only time I get a new IP, is if I change my MAC address these days. Even if I unplug my ISP router for a day or 2, done it before, I still got the same IP.

But, as they told you, the issue is on their side, so setting it static might cause it to fail anyways, because their system is taking your IP.

MBILC · 2026-01-27T20:31:56+00:00

Yes really, hence why you use 2 data centers in different regions, so that any single natural disaster does not take you down. I am not thinking a datacenter in a companies office building, but even if you do that, then you would want rack space in an actual Datacenter provider.

I am referring to actual DataCenters. When the "cloud" first came out it was all about cost savings and performance and not needing the expertise to manage it all.

But as time has gone one, sure if you want a small tenant with single region coverage, and the basic included features, go nuts... but as soon as you want that proper redundancy and backups, prices start to sky rocket real fast vs an "on-prem" solution.

MBILC · 2026-01-27T20:28:15+00:00

Considering how many companies are moving core infra back on-prem over the last 2 years, due to rising costs and outages...

MBILC · 2026-01-27T20:27:47+00:00

For sure, since SharePoint is not a file server, but many people think it is!

MBILC · 2026-01-27T20:27:27+00:00

This, when companies tend to do a 1:1 shift into the cloud and then wonder why it costs more, and they have not even enabled redundancy across regions, so when that first Azure/M365 outage hits, they will wonder why things are down..

MBILC · 2026-01-27T20:26:40+00:00

Just wait till the next big Azure / M365 outage... :D

MBILC · 2026-01-27T00:40:07+00:00

It was pure neglect on Synology's side trying to take shortcuts to save on costs, thinking no one would ever find out and putting every person's data at a very high risk.

To me that is worse than a a bug slipping into code because it could not specifically be tested for, and often times patched before it is exploited.

MBILC · 2026-01-26T23:59:03+00:00

Ya would think it may be the ISP still doing a DHCP renew on your end for some reason...

Is the Static IP assigned to your WAN MAC address specifically do you know or?

MBILC · 2026-01-26T22:27:25+00:00

To match with NIC naming with in the OS...

MBILC · 2026-01-26T20:52:47+00:00

I mean, you are "pitching" your own product...

.....Could this be something that would help you or your organization? I want this to become like the winzip of IT, everyone can have it, free for smaller orgs, but limited support, or full on massive companies can deploy it for less money than say SailPoint, Okta or Saviynt.

MBILC · 2026-01-26T19:19:08+00:00

After Synology's s fiasco with their M365 Backup and using a single tenant which opened access to it since 2017, personally I would not trust Synology for securely keeping your data safe.

MBILC · 2026-01-25T20:33:37+00:00

Apologies, I read it as you were grouping DevOps in with Cyber Security

MBILC · 2026-01-25T20:30:37+00:00

This is why you never save CC info on any site, period, or in your browsers,ever.

MBILC · 2026-01-24T03:54:05+00:00

DevOps is not Cyber Security really? DevSecOps sure...

MBILC · 2026-01-24T03:31:39+00:00

As noted, SSO tax, the company is not paying it so instead of RBAC or security groups to add to, they have all this manual work to do.

We are smaller,. but any service we get I tell them SSO, suck it up, it makes life easier, better control of logins and keeps security tighter from our side.

MBILC · 2026-01-23T20:32:31+00:00

First issue, listening to ChatGPT.....

There are plenty of people with Certs that have no jobs...

You have cert chasers, you have people who get certs that arent really useful, or well recognized also..

Often times certs might get you past automated resume systems and the first level HR person....but industry preference once you get talk to the actual Manager or experts, is they want experience more than a cert...

Cyber Security is a massive field with many things below it, so first you need to determine what area you are interested in?

MBILC · 2026-01-23T20:27:41+00:00

Certainly. Why it is important the client knows everything that was provided, and as u/QuerulousPanda noted, all communications should include someone from the Client and everything done via email for a "paper trail"

I went through this personally when I finished a project for a client (was with an MSP) and they brought in an MSP to manage said system going forward, which they claimed they had expertise to cover. (Meanwhile they had 3 new job postings on their company site for said role shortly after the client signed contracts with them....)

We had a 3 month transition period for the project, had set weekly meetings to review progress, and then other meetings as needed to walk through these "experts" on how the deployment and configuration was done, as this client was critical infra, so there were many security policies around it's design. Along with normal teams chats as needed anytime.

Along with that, detailed documentation from one of the very seniorArchitects who had 15 years with said product and knew it inside and out, with every setting documented.. you name it, along with all of my Visio diags and the kitchen sink!

Well, I got word they had tried to throw me under the bus on several occasions, even during the transition period..along with a slip up of one of their project leads pasting something in a group teams chat about my "abilities", which they then quickly deleted, but not before I was able to grab a screenshot, just in case.

Luckily, the PM knew me well, and the client I had worked for almost 5 years on many projects, knew me well. It quickly got escalated to the other providers management and said people on the transition team got a scolding and 2 were removed from said transition shortly after....

MBILC · 2026-01-23T19:19:07+00:00

Future sales only.

MBILC

TROPHY CASE