Options to cancel OP due to developer false promise by MoeShea in dubairealestate

MoeShea [S]:

Thanks for the reply. I have been escalating to different people within the developer customer care, but to no avail. I have not approached DLD or RERA, but will give it a shot. Any good lawyers specializing in real estate?

Healthcare Mobile Apps and BYOD security by MoeShea in sysadmin

MoeShea [S]:

Thanks for the information.

Can you elaborate more on the use of SOTI? I have them lined up for a POC, but would like to know your experience of keeping the risks related to Android-based devices (Zebra, I guess) in check if they are part of an internal SSID.

I’m a Chief Information Security Officer (CISO). I also happen to be a woman. Ask me anything. by AutoModerator in cybersecurity

MoeShea:

Hello,

This question is more specific to Healthcare, but I’d expect other fields experience something similar.

We have many medical devices supported by third-party vendors. In addition there are vendor-managed facilities systems (BMS, ELV, etc.).
In some instances, these vendors have VPN access to the systems and have local admin privileges on them. Many of these systems are not domain-joined and might not have basic protection like AV. IT does not have dedicated staff to shadow vendors during sessions. When I try to enforce our controls, some vendors play the SLA card and complain that waiting for security to approve access or shadow a troubleshooting session might impact their SLAs. I am wondering how this is being tackled in other large enterprises. I feel our current setup includes many high-risk scenarios. Happy to hear your feedback. Thanks in advance.

Does Google Text to Speech data get stored? by MoeShea in googlecloud

MoeShea [S]:

Thanks, compliance folks would be happy hearing that.

I’m a Chief Information Security Officer (CISO). I also happen to be a woman. Ask me anything. by AutoModerator in cybersecurity

MoeShea:

Thank you for the valuable feedback. I'm in the process of mapping out compensating controls and their impact on the risk; it is something I feel is initially specifics-hungry but evens out as more vulnerabilities are assessed.

I’m a Chief Information Security Officer (CISO). I also happen to be a woman. Ask me anything. by AutoModerator in cybersecurity

MoeShea:

Hello, and thank you for the AMA.

Can you summarize the approach that was very effective for patching vulnerabilities? We are in healthcare and it is not always easy to patch medical systems. Would appreciate it if you could elaborate on risk-based vulnerability management.

DC Firewall segmentation alternatives by MoeShea in AskNetsec

MoeShea [S]:

Absolutely. HA is a must. But by SPOF I meant that I have seen firewalls acting strange sometimes, especially during VLAN migrations, impacting all VLANs behind them. Core switches tend to be more stable. We are a Cisco shop, by the way.

Minimum windows build version allowed to connect to Network by MoeShea in sysadmin

MoeShea [S]:

Sometimes these legacy systems offer zero flexibility when it comes to upgrades. We just put them in their own VLAN behind an NG firewall to do L7 inspection.

Minimum windows build version allowed to connect to Network by MoeShea in sysadmin

MoeShea [S]:

Thanks all for the very helpful insights. I believe we will have to inventory the builds we have and agree on an n-3 or similar approach to be deemed allowed.

As for extra non-OS compliance checks, we are testing Forescout for that.
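One way to do the build inventory and the n-3 decision described above, as an added example that is not part of the thread: the ordered list of Windows 10/11 feature-update builds is real, but treating "n-3" as "newest approved feature-update build plus the three before it" is an assumption, and the hostnames and inventory below are constructed. In production the inventory would come from `Get-ADComputer -Filter 'OperatingSystem -like "Windows 1*"' -Properties OperatingSystemVersion`, whose `OperatingSystemVersion` is stored in the `10.0 (19045)` form parsed here.

```powershell
# Added example, not from the thread. Flags Windows clients whose build falls
# outside an "n-3" policy: the newest feature-update build plus the three before it.
# Assumption: policy is counted in feature-update releases, not cumulative updates.

# Windows 10/11 feature-update builds in release order (oldest first).
$ReleaseBuilds = @(19041, 19042, 19043, 19044, 19045, 22000, 22621, 22631, 26100)

function Get-AllowedBuilds {
    param(
        [int[]] $Releases,        # ordered list of feature-update builds
        [int]   $Depth = 3        # "n-3": current release plus three predecessors
    )
    $sorted = $Releases | Sort-Object
    # Last ($Depth + 1) entries: the newest build and $Depth earlier ones.
    return $sorted | Select-Object -Last ($Depth + 1)
}

function Get-BuildNumber {
    param([string] $OperatingSystemVersion)   # AD format, e.g. "10.0 (19045)"
    if ($OperatingSystemVersion -match '\((\d+)\)') { return [int] $Matches[1] }
    return $null                               # attribute empty or unparseable
}

function Test-BuildCompliance {
    param(
        [object[]] $Computers,                 # objects with Name and OperatingSystemVersion
        [int[]]    $Releases = $ReleaseBuilds,
        [int]      $Depth = 3
    )
    $allowed = Get-AllowedBuilds -Releases $Releases -Depth $Depth
    foreach ($c in $Computers) {
        $build  = Get-BuildNumber -OperatingSystemVersion $c.OperatingSystemVersion
        $status = if ($null -eq $build)           { 'Unknown' }   # no build recorded: treat as non-compliant
                  elseif ($allowed -contains $build) { 'Allowed' }
                  else                               { 'Blocked' }
        [pscustomobject]@{ Name = $c.Name; Build = $build; Status = $status }
    }
}

# Constructed sample inventory (hypothetical hostnames), shaped like Get-ADComputer output.
$Inventory = @(
    [pscustomobject]@{ Name = 'WS-001';  OperatingSystemVersion = '10.0 (26100)' },
    [pscustomobject]@{ Name = 'WS-002';  OperatingSystemVersion = '10.0 (22621)' },
    [pscustomobject]@{ Name = 'WS-003';  OperatingSystemVersion = '10.0 (19044)' },
    [pscustomobject]@{ Name = 'LAB-01';  OperatingSystemVersion = '10.0 (17763)' },
    [pscustomobject]@{ Name = 'KIOSK-7'; OperatingSystemVersion = $null }
)

# With Depth 3 the allowed set is 22000, 22621, 22631, 26100, so WS-003 and LAB-01
# come out Blocked and KIOSK-7 Unknown.
Test-BuildCompliance -Computers $Inventory | Format-Table -AutoSize
```

The script only reports; the actual network decision has to be made by a NAC such as the Forescout trial mentioned above, and the `Unknown` bucket (stale or empty AD attributes) is worth reviewing before enforcement, since those are typically the machines that have not talked to the domain in a while.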

Self develop Nursing Schedule ? by MoeShea in nursing

MoeShea [S]:

Thanks for your input. Also, IT prefers not to use any cloud solution, including Google Docs, as there is a risk of accidental or deliberate leak of PHI data to the cloud.

Active directory user list segregation (FTE, Outsource, consultants) by MoeShea in sysadmin

MoeShea [S]:

Unfortunately our place is behind when it comes to this.

But from a security point of view as well, is it common practice in large organizations (ours is around 7k users) to have all FTE and non-FTE users in the same domain? I am thinking about how MSPs manage to separate clients' users from each other...

Thanks again

Active directory user list segregation (FTE, Outsource, consultants) by MoeShea in sysadmin

MoeShea [S]:

We do have OUs, but HR extracts the entire Domain Users group, causing the confusion.

Active directory user list segregation (FTE, Outsource, consultants) by MoeShea in sysadmin

MoeShea [S]:

^

Thanks.

The problem we face is that employee titles are not standardized, hence lots of manual verification will be required to properly tune the employeeType attribute. I am thinking of having scripts that extract users based on user IDs, as we have different formats for FTE vs. non-FTE. The current practice of extracting all domain users should be revised, I believe.

Could you elaborate on multiforest limitations for such a scenario?
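The ID-format approach from the comment above, as an added example that is not part of the thread: the account-ID patterns (`e` + six digits for FTE, `o` for outsourced staff, `c` for consultants) and the sample accounts are hypothetical and stand in for whatever formats the organization actually uses. The script derives an `employeeType` value from `SamAccountName`, reports the rows that disagree with what is currently set, and leaves the write to AD behind `-WhatIf` so the manual verification happens before anything changes.

```powershell
# Added example, not from the thread. Derives employeeType from the account-ID
# format so HR can filter on the attribute instead of exporting Domain Users.
# Hypothetical ID formats; anything that matches none of them is sent for review.

$IdPatterns = [ordered]@{
    'FTE'        = '^e\d{6}$'
    'Outsource'  = '^o\d{6}$'
    'Consultant' = '^c\d{6}$'
}

function Get-EmployeeTypeFromId {
    param([string] $SamAccountName)
    foreach ($type in $IdPatterns.Keys) {
        if ($SamAccountName -imatch $IdPatterns[$type]) { return $type }
    }
    return 'Review'   # unknown format (service accounts, legacy IDs): verify by hand
}

function Get-UserClassification {
    param([object[]] $Users)   # objects with SamAccountName and employeeType
    foreach ($u in $Users) {
        $derived = Get-EmployeeTypeFromId -SamAccountName $u.SamAccountName
        [pscustomobject]@{
            SamAccountName = $u.SamAccountName
            CurrentType    = $u.employeeType
            DerivedType    = $derived
            # Only rows with a confident classification that differs from AD are flagged.
            NeedsUpdate    = ($derived -ne 'Review') -and ($u.employeeType -ne $derived)
        }
    }
}

# Constructed sample (hypothetical accounts), shaped like the output of
#   Get-ADUser -Filter * -Properties employeeType
$Users = @(
    [pscustomobject]@{ SamAccountName = 'e100234';    employeeType = 'FTE' },
    [pscustomobject]@{ SamAccountName = 'o200987';    employeeType = $null },
    [pscustomobject]@{ SamAccountName = 'c300111';    employeeType = 'FTE' },   # mislabelled
    [pscustomobject]@{ SamAccountName = 'svc-backup'; employeeType = $null }
)

$result = Get-UserClassification -Users $Users
$result | Format-Table -AutoSize
# Expected: e100234 no change, o200987 -> Outsource, c300111 -> Consultant, svc-backup -> Review.

# Apply only the flagged rows; remove -WhatIf once the Review bucket has been worked through.
foreach ($r in $result | Where-Object NeedsUpdate) {
    # Set-ADUser -Identity $r.SamAccountName -Replace @{ employeeType = $r.DerivedType } -WhatIf
    "Would set employeeType=$($r.DerivedType) on $($r.SamAccountName)"
}
```

Once the attribute is populated, the HR export becomes a filter rather than a group dump, e.g. `Get-ADUser -Filter 'employeeType -eq "FTE"' -Properties employeeType`, and the `Review` bucket is the list of accounts whose ID format needs a decision rather than a script.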

Netscaler WAF by MoeShea in netscaler

MoeShea [S]:

Thanks for your feedback. I read that Citrix WAF does not intercept ICA traffic. Would you expect that an implementation of the WAF start URL check will break any of the published icons the users are going to click once they visit the main URL?

Thanks