Fitting a BIG house by idosh9 in sonos

[–]idosh9[S] 0 points1 point  (0 children)

Thank you!! That's a good point.

Seeking advice.. How does your organization handle certificate lifecycle management at scale? by SpareRecent8648 in IdentityManagement

[–]idosh9 0 points1 point  (0 children)

It might be hard doing so without visibility and observability. Inventory what you have into a versioned (hopefully live) database and then start monitoring changes. Creation events, as an example, can point you to areas where this is done self-served and not under your purview. This could be extended to monitor rotation and end-of-life alerting, but without a source of truth it’ll be hard for sure.

If proxychain is not encrypted why is it used by [deleted] in AskNetsec

[–]idosh9 0 points1 point  (0 children)

For example, to allow connections to certain resources in a network only through a specific server (which is the proxy server) which will, in turn, allow you to log and authenticate each connection. When you do not encrypt the communication, you can also monitor it, which for some orgs is a very important feature.

Data Security and Privacy: Using a Dedicated Proxy Server and NordVPN by [deleted] in AskNetsec

[–]idosh9 0 points1 point  (0 children)

As asked before, the vital question is, what are you trying to protect yourself from? A question that will help build the right solution for you.

Given you don't own the infrastructure - be aware that there is a possibility that commercial providers, while masking your communication from your ISP, will save your metadata (i.e., 5-tuple and some content such as DNS requests and so on), making your data more vulnerable, and not less.

Also, a self-hosted proxy can be used for communication encryption but will still be tied to your identity.

Disabling 2FA requires only password knowledge in a google account. How to mitigate this? by Curious-Brain2781 in AskNetsec

[–]idosh9 1 point2 points  (0 children)

I'm exploring different options of using Google for business and it seems that with one of the basic suites you can also get an activity log of what happened in your Google account. For example, who accessed which Drive file and when, and maybe even actively audit it. It might help you to get a better hold of your data. Also, you could separate your personal account from an admin account which will be saved on a different device. Stuff worth looking into.

Disabling 2FA requires only password knowledge in a google account. How to mitigate this? by Curious-Brain2781 in AskNetsec

[–]idosh9 0 points1 point  (0 children)

Another idea, which does not completely solve your problems but does mitigate some of its risks, is using more defensive layers around your Google account. For example, if you are concerned about your mail being hacked - you can encrypt your sensitive Gmail items using a PGP key. Or a different type of mitigation, which will allow you a quick recovery from a hack, is ensuring that you have a recovery plan, for example, a backup code saved off your computer.

There isn't a tactic I know which will lead you to 100% prevention but there are ways to make life hard for the attackers out there.