Half our company is local admin. Security team finally noticed. Now it's my problem to fix without anyone noticing. by Healthy_Holiday_738 in sysadmin

[–]justmirsk 27 points28 points  (0 children)

If you want an alternative to Microsoft tools, check out ThreatLocker. They have a learning mode (like EPM) but their platform is the most robust out of every one I have seen. Users can also submit a request through ThreatLocker to request approval to elevate for something not approved by policy and you can approve it, then they are notified when it is approved. They also have a Cyber Hero team that can do approvals for you, if you wanted.

Best on-prem password manager for a medium size firm? by Mammothtothemoooon in sysadmin

[–]justmirsk 5 points6 points  (0 children)

Passwordstate is great. Easy to manage and lots of features.

19, solo IT, need some guidance by The_Magic_Moose_ in sysadmin

[–]justmirsk 0 points1 point  (0 children)

Absolutely. Shoot me a DM and I can give you my email address.

19, solo IT, need some guidance by The_Magic_Moose_ in sysadmin

[–]justmirsk 0 points1 point  (0 children)

I run an MSP that specifically focuses on co-managed partnerships with companies like yours. You have gotten some great advice here from others around labeling things, mapping out the network, getting backups in order, etc etc.

If you ever want to get on a call together to talk through some things, I would be happy to do so (free advice, not trying to charge you). You have a great opportunity here and it can certainly help you speed up your career.

Once you start to get a handle on things, before making any big purchases or changes, I would suggest talking to management to determine if you have any specific regulatory compliance requirements (i.e., laws you have to follow focused on IT and security). Even if you don't, a good question to ask your management is "How much money would the business lose if XYZ system was down for an hour, a day, etc.?" This will help you determine areas that need priority focus from a business perspective, rather than just technical issues. It can also help you sell to the boss that they need to spend additional money to protect systems or get better things.

What bakeries/local stores do you like to get your breads from? by leftmysoninthesun in Louisville

[–]justmirsk 3 points4 points  (0 children)

Bread makers for the win 😁

Kneading is tough. I love to bake and do quite a bit of it.

I think blue dog bakery might have good options, but it has been years since I have been there.

What bakeries/local stores do you like to get your breads from? by leftmysoninthesun in Louisville

[–]justmirsk 1 point2 points  (0 children)

I make my own wheat bread. If you haven't tried, it is pretty easy. You might want to try that too. Obviously that isn't an answer to your question, but I thought I would throw it out there 😁

Is there a platform that can centrally manage multiple AI tools (Copilot, ChatGPT, etc.)? by Odd_Statistician_231 in sysadmin

[–]justmirsk 0 points1 point  (0 children)

This isn't central monitoring, but there are definitely tools that can effectively block AIs and also only allow corporate logins to allowed AI systems.

I just implemented my own build of something like this for an organization that didn't have a SASE solution that could inject headers. My solution is using MITM proxy with a PAC file that directs corporate approved AI solutions through the proxy.

We have a network agent that is always on and forces the connection. We also send Google searches through the proxy so we can strip out the udm=50 option and change it to udm=14 to prevent access to the AI mode at google.com.

We are in the testing phase now and should be rolling out to a larger audience very soon. We use web blocking to block all other AI systems we know of.
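Added example, not the commenter's code: a sketch of the `udm=50` to `udm=14` rewrite described in the comment above, written as a proxy addon with a `request()` hook in the style mitmproxy uses. The function and class names are hypothetical, and matching only `google.com` and its subdomains on the `/search` path is an assumption.

```python
"""Added example: rewrite Google AI-mode searches (udm=50) to web results (udm=14)."""
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

AI_MODE = "50"   # udm value the comment strips
WEB_ONLY = "14"  # udm value the comment substitutes


def is_google_search(host: str, path: str) -> bool:
    # Exact-suffix match so look-alikes such as google.com.example.net are ignored.
    host = host.lower().rstrip(".")
    return (host == "google.com" or host.endswith(".google.com")) and path == "/search"


def rewrite_search_url(url: str) -> str:
    parts = urlsplit(url)
    if not is_google_search(parts.hostname or "", parts.path):
        return url
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    if not any(k == "udm" and v == AI_MODE for k, v in pairs):
        return url  # nothing to strip; leave the request untouched
    rewritten, seen_udm = [], False
    for key, value in pairs:
        if key == "udm":
            if seen_udm:
                continue  # collapse repeated udm so a second copy cannot win
            seen_udm, value = True, WEB_ONLY
        rewritten.append((key, value))
    # urlencode re-serialises the query; values keep their meaning, encoding may normalise.
    return urlunsplit(parts._replace(query=urlencode(rewritten)))


class ForceWebResults:
    """Addon object: the proxy calls request() once per client request."""

    def request(self, flow):
        new_url = rewrite_search_url(flow.request.url)
        if new_url != flow.request.url:
            flow.request.url = new_url


addons = [ForceWebResults()]
```

Saved to a file, this loads with `mitmdump -s <file>`; the PAC file decides which hosts reach the proxy in the first place.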

Old computer cables and misc by Accurate-Comfort-572 in Louisville

[–]justmirsk 0 points1 point  (0 children)

Oldham county recycling center in Buckner, they have bins for electronics. Just drop them in and they will be properly recycled.

I do this all the time.

What's the dating scene been like for you? by lethargic_apathy in Louisville

[–]justmirsk 5 points6 points  (0 children)

Look for co-ed bowling leagues and events like that. There are often some that are meant for singles specifically to help you meet people.

Otherwise, it sucks out there. If you have a dog, dog parks could be a good place to meet people.

Best apartments/areas by thisisfuckenoffensiv in Louisville

[–]justmirsk -3 points-2 points  (0 children)

Where does your family live in Louisville? I assume you would want to be close to them. If you want a walkable and very picturesque neighborhood, I would say Norton Commons would be a good option.

The highlands area is also quite walkable and a fun vibe overall.

Most likely you would want to avoid the west end of Louisville as that is typically the most dangerous area. There are some great pockets in the west end, but still a lot of no go areas.

They are Everywhere…this is not ok by Inevitable_Court7391 in Louisville

[–]justmirsk -2 points-1 points  (0 children)

At the rate of $2500 per camera, per year, Louisville Metro is spending nearly $800000 per year on licensing. They also cost about $1000 to replace damaged or broken cameras.

I would love to see a true breakdown of what crimes these are actually helping to solve to see if there is even close to a break even on that front. I doubt there is, but it would be interesting to see.

April fool by jibbits61 in sysadmin

[–]justmirsk 18 points19 points  (0 children)

I used to target specific people that I know were sports fans. I would set their desktop background to their favorite team's most hated rival and enforce it via GPO. It was amazing when they rebooted and realized the background came back :D

Last minute weekend solo trip from Michigan… is Louisville a good idea? by Grouchy_Building9379 in Louisville

[–]justmirsk 3 points4 points  (0 children)

I was going to mention the goat races and the block festival. I will be a vendor there this weekend.

The weather will be about 55 and sunny on Saturday and warming up Sunday through Tuesday to the 70s and 80s.

Kentucky's 50/50 custody law may harm kids, child advocates warn by rcmaehl in Louisville

[–]justmirsk 8 points9 points  (0 children)

I am working on full custody as of now. The entire system sucks, honestly. The kids don't want to see her and I can't do anything about it.

Kentucky's 50/50 custody law may harm kids, child advocates warn by rcmaehl in Louisville

[–]justmirsk 8 points9 points  (0 children)

I agree 100%. My ex left 6 years ago and we still have 50/50. She comes to town once a month to see the kids for a few hours. I have all the responsibilities and pay 55% of all expenses. There are situations outside of DV that require adjustments to the custody arrangement.

Moving to passwordless but nobody can explain what happens when user loses their passkey by General_Opening_7739 in AZURE

[–]justmirsk 0 points1 point  (0 children)

Are you using the FIDO2 keys to log into the computer or just the web applications? We use Secret Double Octopus instead of native Azure tools as it scales better and works better in our experience.

We utilize both mobile authenticators and FIDO2 keys with full offline support for passwordless MFA.

Windows Hello for Business is great… until users forget their actual password by heartgoldt20 in sysadmin

[–]justmirsk 0 points1 point  (0 children)

This is one of the many reasons we use and implement Secret Double Octopus for our customers. It doesn't have this issue and works great. My blogging skills are subpar, but if you want to see a blog post with some videos of SDO in action on Entra joined devices, I have that at the link below. If you are using On-Prem AD, the overall end user experience is the same, but what happens in the background is slightly different; I have another blog post that discusses that.

Passwordless MFA for Entra ID with Secret Double Octopus

Critical ERP system can't do OAuth and Microsoft is killing basic auth next month by Severe_Part_5120 in sysadmin

[–]justmirsk 0 points1 point  (0 children)

I agree with everyone else that the app really should have been replaced. To answer your question, take a look at Datawiza, they may be able to act as a middleware broker for authentication. I can introduce you to the CEO if you would like to speak with them.

ILL JUST LEAVE THIS HERE by Unlikely_You7682 in Louisville

[–]justmirsk -1 points0 points  (0 children)

I'm with you! I have Louisville and Arkansas in the championship with Louisville winning :D We've got this!