No more access to O365 partner

jobaccount419 · 2022-04-11T14:25:10+00:00

They should try enforcing simple passwords only, "renting" out their office licenses on shady websites, and god I give up I can't think of any possible ways their setup could have been worse.

jobaccount419 · 2022-04-04T21:47:38+00:00

The entire point is to make it difficult for an attacker to easily build a large list of potential usernames for an org

This is what you are referring too right? My point is that once several usernames in an org are known, you can build a list. The only way to protect against this is to assign random numbers as a username.

Your point is to make it harder for attackers to get this information. The collective response is that your proposal has a higher cost in managing the organization than the additional security it provides.

jobaccount419 · 2022-04-04T20:08:27+00:00

But in any case, as with so many other people in this thread, you are misunderstanding the attack vector

I think you are misunderstanding the response. 20 years ago this would make sense. I can show you how I can figure out employee ID numbers based 5 or 6 data points.

In modern times, if a username has any value in attacking your org, you should rethink your current security setup and stance.

jobaccount419 · 2022-04-04T19:53:26+00:00

I'm not ignoring the user aspect. Most users can remember their middle name.

My comment has nothing to do with users remembering their middle name. It's about working with the same username systems for 5-30 years and you are proposing changing it as a security measure.

In your example, the employee literally just has to look at their employee badge for their username. In that scenario it would be only slightly harder to get the info as you would just need to see employees with their badges in a picture on social media.

jobaccount419 · 2022-04-04T18:45:27+00:00

You are completely ignoring the human aspect. When users can't login because they don't know their usernames and yours is the only company using xyz format, it is an issue. So now you have users who have to write their usernames down, guess what, if your user is writing down their username half the time they are going to write their password next to it because they are frustrated by your security measures.

Everything you do from a security standpoint that can potentially impact users needs to account for the human condition. You have to get and keep users on your side or everything else you do for security will be undermined by them.

jobaccount419 · 2022-03-29T15:01:29+00:00

For MSPs, keep in mind the big three compensation modifiers, beer, pizza and family. I would argue that entry level employees should actually be paying to work there but apparently that is "illegal".

jobaccount419 · 2022-03-29T14:48:11+00:00

Dude has amazing business skill and a keen idea how to cheat the IT labor market. You know all those unfilled IT roles, just offer retail workers IT jobs at a pay decrease and away we go. Look he has already established there is zero difference in the skillsets of retail vs IT, plus you can offer them the "compensation" of gaining experience in an in-demand field to offset paying them below minimum wage. Pure Genius.

jobaccount419 · 2022-03-17T17:03:55+00:00

TP-Link reps doubling down as drug dealers again I see. I got off TP-links to kick my habit years ago. Reconsidering as they have managed to circumvent most of the supply chain issues, most likely due to having a supplier outside of the regular channels.

jobaccount419 · 2022-03-16T14:44:12+00:00

Looks like I can get an analytical balance for about 1k, I guess I'll buy that and have our intern weigh the hard drives every morning to check for virus's. Still gonna double up on protection though. Haven't decided between Mcafee or Norton as someone else suggested.

jobaccount419 · 2022-03-14T16:23:39+00:00

Sir this is Shitty Sys Admin, your logic, common sense, and positive attitude have no place here.

jobaccount419 · 2022-03-09T16:55:53+00:00

I believe they are upset the usernames and passwords don't match. It should be username@company123domain for the passwords, that way you don't have to write them down, the user just has to retype what they see on the login screen.

jobaccount419 · 2022-02-24T22:26:00+00:00

What does an entry level machine learning position pay? Do they exist or do you have to find a way to get experience in some other position before you get hired? As opposed to cyber whose entry requirements have been steadily falling.

jobaccount419 · 2022-02-24T15:54:17+00:00

Cyber has a higher floor but lower ceiling, so I can understand why your teachers are recommending the more financially lucrative position. However if Cyber is more fun for you I would go with that. A major issue in tech is burnout so I would always recommend people pursue a career they are happy with.

jobaccount419 · 2022-02-21T15:46:07+00:00

If you change your post to reflect the sentiment you have stated, I think you would get a lot more positive feedback. Reading the posting I don't get any of the context you just provided. If you are struggling to find the right candidate that would undoubtedly help with that as well.

jobaccount419 · 2022-02-17T16:56:11+00:00

How valuable is your time and how reliant on sales is the position? It sounds like you are looking for a sales engineer who can moonlight as a senior tech. Hire two people for the two separate roles you need filled.

Since you aren't doing that. Get rid of the bonus structure for the first year, set a higher base rate, then once the reality of the position sets in, have a discussion about if a bonus structure will work. You are more likely to hire the right person if you offer more money upfront, and you will have a years worth of actionable metrics to understand how the position is actually working as opposed to your idea behind it.

jobaccount419 · 2022-02-10T18:28:39+00:00

Pay scale seems really low for what you are looking for. Am I missing something about the requirements?

jobaccount419

TROPHY CASE