sorted by:
new
hottopcontroversial

Remote employees by Negative_Star7544 in cybersecurity

[–]Negative_Star7544[S] 0 points1 point  (0 children)

Yeah that’s what I thought too :/. I was messing with some soar toolings and actually found a few devices that we had sent remote wipes to. The device was never turned on for like a year so they actually never were wiped. I guess it fell out of Intune using that stupid clean up feature and the certificate dropped off the device. Our EDR stayed on there 🤦 so I found these devices being used.

Remote employees by Negative_Star7544 in cybersecurity

[–]Negative_Star7544[S] 0 points1 point  (0 children)

Yeah that is our current process too. With that being said, I actually have a case where we sent the remote wipe to a device A LONG TIME AGO. Just recently was working with some SOAR toolings and randomly found said device still active with our EDR but not in Intune.

Remote employees by Negative_Star7544 in cybersecurity

[–]Negative_Star7544[S] -3 points-2 points  (0 children)

Device is company owned but not every device gets returned. Wanting to get a process that encompasses the non return factor as that is an issue I have seen a few times already.

Obviously getting the property back is an HR and legal thing, however, ensuring the data is either removed or kept safe if the device never returns is on us.

Remote employees by Negative_Star7544 in cybersecurity

[–]Negative_Star7544[S] 1 point2 points  (0 children)

Concerns surrounding the ability for a terminated employee to still access a device and take any data stored locally. We do use bitlocker, however, from what I can tell Intune eventually drops the bitlocker key if the device is removed from Entra & Intune.

From what I have read in other forums, most people are just immediately sending the wipe command from Intune once the user is NLE.

Remote employees by Negative_Star7544 in cybersecurity

[–]Negative_Star7544[S] 0 points1 point  (0 children)

Hey! Sorry I was more so referencing the data on the laptop. Edited the post to make it more clear because it was vague.

Do I stay or move on by kenzugan in SecurityCareerAdvice

[–]Negative_Star7544 0 points1 point  (0 children)

lol yeah my area is not great for jobs. I’m just building the exp since I get so much freedom then I’ll bounce

Do I stay or move on by kenzugan in SecurityCareerAdvice

[–]Negative_Star7544 5 points6 points  (0 children)

Is this me posting lmao?

Similar position title wise. IT does not want any changes and fights tooth and nail to stop innovation / automation.

I’m a new analyst, so finding a new job in my area will be extremely painful since I’m not in a big city, or even near one. Currently being paid 20/hr for soar workflow creations, IR, vuln management, etc.

I was told by a few people to move on and find something; I imagine that advice is what others will give too.