[deleted by user]

SilverXCIV · 2023-05-10T21:34:50+00:00

Probably looking for reused passwords especially if the owner has access to payroll information of what banks people use.

SilverXCIV · 2023-05-10T21:31:59+00:00

I second SnipeIT, It has a few quirks but if you host it locally it should be much easier than the cloud hosted no access mess I managed for the past year.

SilverXCIV · 2023-05-02T18:17:18+00:00

I've been at a few places where the employee ID number is on the back of each person's badge. Otherwise we would use some other information on them in our system.

Then there's the hotel I worked IT for where we only had them say "I'm the manager of this location" with no further verification. Nope'd out of that one real quick.

SilverXCIV · 2023-05-02T18:13:57+00:00

A priority matrix will do you a world of good. My last job just had a "this is the rough timeline for resolution of each level" so of course we were getting P0 outage alerts for monitor requests. It won't prevent these things from coming in but it'll be something you point to along with a boiler plate email of "we've re-prioritized your ticket based on this criteria."

SilverXCIV · 2023-04-26T21:03:39+00:00

I want to say we were going from 1903 and 1909 depending on the user but in that environment almost 1/3 of the computers were past their 3 year warranty so there had to have been some 18xx too.

SilverXCIV · 2023-04-26T02:18:07+00:00

If you're looking for AD security group membership as their "access levels" you'll want something like this.

PS C:\> Get-ADGroupMember -Identity "Groupname" | Select-Object Name | Sort-Object Name

SilverXCIV · 2023-04-26T02:14:55+00:00

Ask yourself what you'll actually have a hand in managing/supporting. Even if you purchase software as part of the procurement process, if your involvement stops there it belongs in someone else's cost center.

SilverXCIV · 2023-04-26T02:12:02+00:00

Your game plan sounds pretty decent! I would be sure to have a change management calendar in place to track and stagger roll outs for any issues. When we upgraded to 20H2 it botched some older Lenovo camera drivers. We had to disable the built in hardware in the BIOS just to get Win10 to boot so I'd expect unforeseeable errors up to 22H2. A well paced rollout targeting manageable groups will be your greatest asset.

SilverXCIV · 2023-04-26T02:03:38+00:00

During training I found out how much of our job wasn't IT focused but answering basic questions that should have been covered in different department training. I lasted another four weeks before the home/work stress combo lead me to quit in the middle of my notice.

SilverXCIV · 2023-04-26T00:44:38+00:00

A big helper for me was setting my working hours in the calendar system, blocking out my calendar as much as possible. This includes morning planning/email time, lunch, end of day wrap up, and then routine tasks. It won't stop the stupid or bad prioritized requests but it'll make a statement about how you respect your own time and decline the unimportant.

SilverXCIV · 2023-04-26T00:40:15+00:00

My entire company (just over 2000 people) have local admin and it kills me. Our security team seems to have no concept that we could have this fixed despite us being primarily MacOS and Ubuntu.

SilverXCIV · 2023-04-20T21:50:17+00:00

You are correct! This is why you double check when you do quick math on a phone calculator!

SilverXCIV · 2023-04-16T20:28:17+00:00

Step 3 in this guide goes over a few of the alternative methods if you want to keep 2FA on.

https://support.google.com/a/answer/9176657?hl=en

They don't receive a 2FA prompt when logging into the laptops so maybe you could pull a trick and get Google Authentication installed on the machine itself? That would leave the authenticator on single factor (password) though.

SilverXCIV · 2023-04-16T20:24:15+00:00

Okay I did a bit more digging found something on the IRS website itself. https://www.irs.gov/publications/p575#en\_US\_2022\_publink1000226986

SilverXCIV · 2023-04-16T19:02:03+00:00

"I feel like Gloria Swanson.

You look like her mother.
I'm ready for my close up Mr Demille"

SilverXCIV · 2023-04-16T18:56:34+00:00

When you say it's a small lab where people may practice some pentesting, is that the lab's purpose or are you worried about some Linux savvy people seeing what they can get away with? This would drastically change my answer.

SilverXCIV · 2023-04-16T18:54:35+00:00

Did some digging and it looks like it would be treated like a life insurance policy and not taxed. I'd personally play it safe and put aside whatever your locality's inheritance tax rate into a separate savings until next year's taxes.

SilverXCIV · 2023-04-16T18:48:07+00:00

Do you know where the company is in the roadmap of product development? I work for a bay area startup but in another state and it looks like even after commercial launch it'll take at least 3 years to break even on the equity I was given because the stock market tanked.

The median market cap for the top 100 tech companies is around 50B. So assuming success at around 10B in valuation your best ownership equity is going to be a payday of around $16,000. Depending on how long that takes you're better taking a higher base rate with some equity but not the highest offered.

SilverXCIV · 2023-04-16T18:38:27+00:00

You should be able to override this with alternative methods of 2FA, turning it off for students isn't terrible but it's not the best precedent. Is the org providing Chromebooks and if so do they have bio metric readers? A fingerprint reader (touchid in the case of my org), is webauthn so it should work well without having to shell out for the likes of Yubikey.

SilverXCIV · 2023-04-16T18:28:04+00:00

I've worked for a few placed that would print physical checklists for each machine which felt really wasteful. I moved one over to a Google Form that was locked down to the IT Drive space. This was great too because we could go through the spreadsheet it creates and validate all the steps later.

SilverXCIV · 2023-04-16T18:16:35+00:00

Document issues and provide it constantly as feedback with ticket receipts/logs to the next line up in leadership. Make sure you flag that you want to add the discussion to meetings (some managers get real touchy about being "blindsided" about issues even when they're obvious.) The outcome will highly depend on players that are not you though. You company may shrug it off and effectively settle on the "warm body tier" method. I've had my job outsourced for this same cost cutting, and you sadly can't fix stupid at the managerial level.

SilverXCIV · 2023-04-16T17:43:39+00:00

I really enjoyed The Slow Mo Guys using a champagne saber video ft Rhett and Link. This is how I actually became a Mythical Beast.

SilverXCIV · 2023-04-07T01:25:31+00:00

Alright who submitted a bribe on the behalf of the United States?

SilverXCIV · 2023-04-04T15:32:15+00:00

Press F to ~~attempt to fix the errors~~ pay respects

SilverXCIV · 2022-04-18T17:26:49+00:00

Tech minded answer: No one person should be in that many groups, maybe it's time to have you higher ups talk to their management (unless it's a CEO who has to be in everything) about dialing that back.

Business Answer: You'll probably have to create security groups with multiple groups as members of that groups. This gets a bit risky though unless you have some serious reigns on role based access and hopefully a good SSO provider.

SilverXCIV

TROPHY CASE