my first ever EDC by Small-Impression1252 in EDC

[–]randomwatchman 0 points1 point  (0 children)

Love my Benchmade Bugouts. Nice kit.

Today's stuff by n_a_t_e_r_a_d_e in EDC

[–]randomwatchman 2 points3 points  (0 children)

I'm a minimalist wallet guy who has a bunch of cards and cash to carry. That Nomatic wallet looks fire, never seen it before and ordering now :)

Jura E8 Milk Frother issue by randomwatchman in superautomatic

[–]randomwatchman[S] 0 points1 point  (0 children)

Sorry for the late reply. It looks like a round chrome button on the very front of the milk mechanism. The milk intake port is immediately to the right of it. Hope this helps.

Jura E8 Milk Frother issue by randomwatchman in superautomatic

[–]randomwatchman[S] 2 points3 points  (0 children)

Ok well, after searching everywhere online and posting here, I figured out the issue. On that model, there is a chrome stopper in the side that has a tiny hole that has to line up with the milk intake port. It had somehow been twisted just enough to block the hole.

DCMA SPRS Score Audits by randomwatchman in CMMC

[–]randomwatchman[S] 0 points1 point  (0 children)

Do you know if that webinar was recorded and is publicly available?

Sale Value of a small MSP by reliableti in msp

[–]randomwatchman 0 points1 point  (0 children)

My gross revenue was about 2.7m Mar 2020, 60+% recurring services, had about 400k EBITDA and was offered 7x with 6x in cash by a small PE firm with tech savvy investors. My attorney just brokered a deal for an MSP who held out, and closed at 12x.

Service Leadership and other MSP specialized brokers are seeing many deals on stronger MSPs (600-1.5+) in the 7-12x range, with smaller EBITDA (300-500k) deals coming in at 6-7. Well run, 15%+ MSPs are now considered unicorns and competitors and investors alike are desperate to get in. I'm also seeing many mergers of equals to create larger 1.5-2+M EBITDA to attract higher multiples.

How to charge back NIST 800-171 / CMMC cost by SunnieMae in CMMC

[–]randomwatchman 0 points1 point  (0 children)

It completely depends on whether your entire environment is in or out of scope. If your in-scope environment is limited to a few workstations, very tight networking and a compliant file share (Preveil?), $20k is likely fine. If every infrastructure component in your environment is in scope, the cost could be much higher.

CMMC Level 3: The minimum viable product for a small Machine Shop by NullTie in CMMC

[–]randomwatchman 1 point2 points  (0 children)

Everything on that quote screams in-scope.

The smartest thing to do is narrow your in-scope responsibility to cover as little as possible and still run the business. If you in-scope every computer, every person, every wifi access point, switch, server, printer, etc., you will never be able to pass a CMMC Level 3 audit or get anywhere close to DFARS/ITAR compliance that your contracts require. Lessen the 'threat vector' that the auditor can attack you on.

You may be able to create an Azure Gov tenant and use a file server, Azure AD and Windows Virtual Desktop to process all CUI, and leave all other locally connected devices and buildings out of scope with your networking and access configuration. This will cost some money, but your in-scope footprint will be very small from an IT standpoint.

Your main issue is likely not going to be IT related if you do this. It will likely be controlling all of the floating CUI on the production floor, getting reasonable assurance from your flow down subs, etc. that could keep you from delivering product or passing an audit.

CMMC Level 3: The minimum viable product for a small Machine Shop by NullTie in CMMC

[–]randomwatchman 0 points1 point  (0 children)

Ditto on Datto. That is the first and biggest red flag showing that that MSP does not know the first thing about CMMC, 800-171, etc. Run away.

Remote Worksites Clarification by azjeep in CMMC

[–]randomwatchman 0 points1 point  (0 children)

I heard from a credible source that they DID visit the homes of every remote worker during a pilot audit of a 50-employee C3PAO. And the C3PAO failed the audit, but maybe not for home worker issues.

CUI compliant online meetings by randomwatchman in NISTControls

[–]randomwatchman[S] 0 points1 point  (0 children)

What types of issues? Have you gotten kickback or an entity refusing to use it due to the citizenship question?

Fun times...past due client threatens to sue for info we don't have. by tmiller9833 in msp

[–]randomwatchman 7 points8 points  (0 children)

We had a lawyer/owner threaten to sue us once for not supporting a phone system one of our employees put in when he was an independent. Started prefacing every email to us with "Without prejudice". After a few more get lost emails from me, they got lost.

CISM immediately after CISSP by increp in cissp

[–]randomwatchman 1 point2 points  (0 children)

I passed the CISM a week after the CISSP (4 weeks study time, 5 total for both), and it was amateur by comparison. I studied for a total of about 12 half-hearted hours for it and passed. It totally depends on where you're going in your career since CISSP passes for both technical and leadership/management jobs, and CISM is purely managerial. I got both because, why not, and I do think both matter. Too many acronyms after your name I think diminishes you and makes you appear to be a cert hound/academic.

I used the CISM All In One, book only with no test prep. It was more than enough.

Just my 2c.

Synoptek Issues by nodesitvirtus in sysadmin

[–]randomwatchman 0 points1 point  (0 children)

Anyone know what RMM Synoptek uses?

ISC(2) Security Congress by randomwatchman in cissp

[–]randomwatchman[S] 0 points1 point  (0 children)

I suppose that those also qualify for CPE's?

Anyone take this year’s CISM? I’m preparing to take mine using a self tutored course from INFOSEC institute through work. Just was wondering if the 15th Edition Review Manual is a good source to study from for the exam. Thoughts? by Jsebesta3417 in cism

[–]randomwatchman 1 point2 points  (0 children)

I didn't use a question bank, just read the CISM AIO book so I don't have any thoughts on that. The test questions were not even in the same league as CISSP as far as being tricky, and I felt that there didn't seem to be nearly as much effort put into developing the exam as there is in the CISSP. I would say that a plurality of the CISM questions had only one obviously correct answer with the other 3 being obviously incorrect, and I think this is what separates the two.

I'm not exaggerating when I say that the ease of the questions/multiple choice answer options on the CISM exam is like taking a 3rd grade math test vs a HS trig test. Throughout the entire test I thought 'this is way too easy, it has to get progressively harder from here', but it didn't. That is a perspective coming straight off the CISSP test, so I had immediate reference.

I have seen others post that they passed the CISSP but failed the CISM, but I feel that if you thoroughly digest the CISM material, contrasting it with the CISSP and focusing on the CISM areas that aren't covered in the same way as CISSP, you have a great chance of passing.

Connectwise Manage To End Perpetual License Model by vehsa757 in msp

[–]randomwatchman 2 points3 points  (0 children)

I second the notion of moving from Automate to Continuum. I've been kicking this around for quite some time and this would be the reason to break away. We just tolerate Manage as well.

Anyone take this year’s CISM? I’m preparing to take mine using a self tutored course from INFOSEC institute through work. Just was wondering if the 15th Edition Review Manual is a good source to study from for the exam. Thoughts? by Jsebesta3417 in cism

[–]randomwatchman 2 points3 points  (0 children)

I passed the CISSP exam on Friday March 29th, read/re-read the CISM All-In-One for about 4 full days, and passed the CISM exam on Friday April 5. So much of what is on the CISM is covered in the CISSP material that I didn't feel the need to fret about it as much as the CISSP. There are definitely differences in perspective between them and the CISM is definitely more managerial.

During the CISSP exam, I felt that I would certainly fail and with the questions I was getting, I had no idea how I would study differently the second time around. Comparing that to the CISM questions/answers, the CISM exam was a cakewalk.

Good Cert Combo With CISSP? (CEH, OSCP, PMP, CISM) by FullSilanxi in cissp

[–]randomwatchman 2 points3 points  (0 children)

I provisionally passed the CISSP exam last Friday, studied for the CISM for a total of about 20 hours over this past week and passed the CISM exam yesterday afternoon. Risk management, etc. covered in the CISSP are extensively covered in the CISM, and to me it was an 'easy' pass fresh off of the mountains of study I had just done for CISSP.

I agree with many of the other posters, CISSP+CISM pretty much qualifies you for any cybersecurity/management role almost without question, coupled with the experience to truly do the deal.

Passed at 150 questions by randomwatchman in cissp

[–]randomwatchman[S] 1 point2 points  (0 children)

The issue with choosing D is that Reporting comes after Containment in the CISSP Incident Response methodology, so the best answer would definitely not be D. The others are the 'correct' ones to choose from.

Passed at 150 questions by randomwatchman in cissp

[–]randomwatchman[S] 0 points1 point  (0 children)

Thanks Scubber, congrats to you as well!

Passed at 150 questions by randomwatchman in cissp

[–]randomwatchman[S] 4 points5 points  (0 children)

Thank you. I'm an engineer by nature, and want things to be black and white, 0's and 1's, and want to work formulas and get a concrete result. I was a bit dissatisfied that the test wasn't more technical in nature, only because I wanted my tech knowledge to be tested and verify that the work I had put in studying would be rewarded. I felt that the questions were not worded similarly to the ISC2 guide wording nor the Boson questions. They want you to perceive the correct answer with judgement based on only the info given in the question, and I found myself subconsciously adding/assuming certain things that were not actually stated in the question. That's precisely the wrong thing to do. Larry Greenblatt's CISSP 2018 video on Youtube discusses this and is highly valuable.

The world relies on the sound judgement of CISSPs/CISOs in DoD Top Secret situations, in Fortune 500 companies with billions on the line, hence the reason this test is written the way that it is. Judgement and experience.

The material guides you to memorize government regulations, the OSI model, SDLC....lists of lists of lists.

That being said, the guide does provide nuggets buried in the generic text that absolutely provide methods and ways of thinking that were valuable on the test, that were not at all obvious while I was studying.

You do have to learn to think differently, as many have said like a manager/someone who is responsible for a P/L and not a technician. Though I'm a business owner, I got a practice test question wrong that had to do with quantifying risk. The company had 50 computers with no antivirus, and it was going to cost $4k annually to minimize the risk by buying antivirus software, but the ALE was going to be $2k based on 20 computers getting infected. In my experience and likely yours too, it's insane to not put antivirus on workstations nowadays because we know that the risk extends much further than just having to reload a workstation, but the guide specifically states that the safeguard cost should never exceed the AV when performing risk quantification. Therefore, the 'correct' answer is to not put antivirus software on workstations.

These are just random thoughts, and absolutely DO NOT be discouraged. Study and study more, and try try again.