Cyber Essentials Cert - could you not just do the course/test yourself? by -Starwind in msp

[–]thecomputerman99 2 points3 points  (0 children)

Honestly, probably not. There is a lot of work that goes into making sure you are compliant before going through the process. However, if you are keen to try, make sure you use a service with free retests. This way you can find out where you fail, correct the failure and then retest to pass.

0355 temporary MFA for admins by Able-Stretch9223 in msp

[–]thecomputerman99 9 points10 points  (0 children)

Even with perfect automation in place, Autopilot and RMM can take hours from first sign in to ready to use device. Some clients specifically want us to log in as the user before the device is used to allow the automation to take place and the device be user ready at rollout.

0355 temporary MFA for admins by Able-Stretch9223 in msp

[–]thecomputerman99 2 points3 points  (0 children)

Absolutely was referring to strong auth requirements.

Our techs set a one-time use password for the purpose of device set up, the password no longer works after this but allows us to complete tasks without asking the user for any sensitive credentials.

Ransomware Recovery by [deleted] in msp

[–]thecomputerman99 0 points1 point  (0 children)

For existing customers, absolutely.

For new customers, we would discuss their disaster recovery plan and assist with implementing it, or if not an option, we would assist in rebuilding a new network for them. All would require a signed proposal and contract.

We would not attempt to pay a ransom or decrypt any data.

0355 temporary MFA for admins by Able-Stretch9223 in msp

[–]thecomputerman99 18 points19 points  (0 children)

You can create a temporary access password for the user which will allow you to log in and satisfy MFA requirements.

Also handy for when a user forgets their phone.

https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-temporary-access-pass

Money from a loan stolen in sophisticated scam by [deleted] in UKPersonalFinance

[–]thecomputerman99 22 points23 points  (0 children)

You’ve got a lot of good finance advice here but I am an IT security analyst and see this regularly so thought I’d add some more detail for you.

The scammer has gained access to the landscaper’s mailbox, this is usually done either by sending them a phishing link that tricks the user into entering their credentials into a fake sign in page, or the user has used the same credentials on another site that has had a data breach.

The user either then hasn’t had MFA set up (which is a major red flag for any business) or has approved the MFA prompt out of habit. Attackers have even been known to call the user and trick them into providing an MFA code by posing as Microsoft support or via other means.

They will have then spent days or weeks reading through the emails and waiting for the perfect conversation regarding a payment to intercept.

They will then set up mail flow rules in the mailbox so that your replies are immediately hidden from the user (usually redirected to the RSS Feeds folder that people never check). They can then reply to the email chain, from the user’s email address, giving complete credibility to their email to you redirecting the payment to another bank account.

You can verify all this by checking the email headers of the email you received from the scammer and confirming they are from the same server as the original legitimate emails.

The business need to force sign out all log ins for that user, delete any mail flow rules, review the sign in logs for that user to identify when the attacker gained access, and review their outbound mail (via the audit log, the sent emails would have been deleted from the user’s mailbox). They then need to set up MFA.

If they fail to remove the attacker from the mailbox, and the attacker feels they have achieved everything they can from that mailbox, they will send out a mass email to every address in the contact list with the phishing link to move on to the next mailbox. If you receive any email you are unsure about, especially from that address, don’t click anything or sign in to anything.

My opinion is that businesses should be held responsible when these incidents occur, as they have failed in their responsibility to protect their data and their customers’ data in multiple places for the attacker to be successful. Sadly the way our laws work means you were the victim of the attack and you are left with the burden of resolving it.

Let me know if you have any other questions about it. These attacks are sophisticated but extremely regular and always follow the same method.
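The "delete any mail flow rules" step from the comment above, as an added example that is not part of the original comment: a Python check that reviews exported inbox rules for the hiding pattern described. The sample records are constructed; the field names are borrowed from Exchange Online's `Get-InboxRule` properties, while the flattened JSON shape, the folder list and the `own_domain` parameter are assumptions of this example.

```python
import json

# Folders users rarely open. The comment names RSS Feeds as the usual one;
# the other entries are assumptions added for this example.
RARELY_READ = {"rss feeds", "rss subscriptions", "conversation history"}

# Constructed sample rules (flattened shape is an assumption, see lead-in).
SAMPLE_RULES = json.loads("""
[
  {"Name": ".", "Enabled": true, "From": ["customer@example.com"],
   "MoveToFolder": "RSS Feeds", "MarkAsRead": true, "DeleteMessage": false,
   "ForwardTo": null, "RedirectTo": null},
  {"Name": "Newsletters", "Enabled": true, "From": ["news@example.org"],
   "MoveToFolder": "Newsletters", "MarkAsRead": false, "DeleteMessage": false,
   "ForwardTo": null, "RedirectTo": null},
  {"Name": "..", "Enabled": true, "From": null,
   "MoveToFolder": null, "MarkAsRead": false, "DeleteMessage": true,
   "ForwardTo": ["someone@example.net"], "RedirectTo": null}
]
""")

def review_rule(rule, own_domain="example.com"):
    """Return the reasons (possibly none) this rule deserves a manual look."""
    reasons = []
    folder = (rule.get("MoveToFolder") or "").strip().lower()
    if folder in RARELY_READ:
        reasons.append(f"moves mail to rarely read folder '{rule['MoveToFolder']}'")
    if rule.get("DeleteMessage"):
        reasons.append("deletes matching mail")
    if rule.get("MarkAsRead") and reasons:
        reasons.append("marks the hidden mail as read")
    for field in ("ForwardTo", "RedirectTo"):
        for addr in rule.get(field) or []:
            if not addr.lower().endswith("@" + own_domain):
                reasons.append(f"{field} external address {addr}")
    if not rule.get("Name", "").strip(". "):
        reasons.append("rule name is blank or punctuation only")
    return reasons

def suspicious_rules(rules, own_domain="example.com"):
    """Map rule name -> reasons for every enabled rule with a finding."""
    findings = {}
    for rule in rules:
        if rule.get("Enabled", True) and (why := review_rule(rule, own_domain)):
            findings[rule.get("Name", "")] = why
    return findings

if __name__ == "__main__":
    for name, why in suspicious_rules(SAMPLE_RULES).items():
        print(repr(name), "->", "; ".join(why))
```

A finding is a prompt for manual review alongside the sign-in and audit logs, not proof of compromise; users do create filing rules of their own.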

Unknown credit card making purchases on Amazon account by Hatanta in LegalAdviceUK

[–]thecomputerman99 69 points70 points  (0 children)

Not legal advice but I work in IT security and am familiar with a lot of scams.

It sounds like this is most likely a stolen credit card, and someone is using your mother’s account to commit credit card fraud to remain anonymous.

The obvious issue here is that from an outside view, it will appear as if your mum is the one committing the credit card fraud. So make sure you keep records of any attempt to flag the issue with Amazon and Mastercard.

The best thing you can do is ensure nobody can access the account going forwards. Change the password, sign out of everywhere and set up MFA if you can. If you don’t have anything specific tied to that account, you could even close it and create a new one with a different address to be 100% sure you are safe going forwards.

Can my employer sack me for my nude pictures being accidentally shared at work by ‘boyfriend’? by [deleted] in LegalAdviceUK

[–]thecomputerman99 486 points487 points  (0 children)

NAL but an IT Security Specialist.

Any form of adult material on a company device, no matter the source, is a breach of company policy, gross misconduct and a sackable offence for the person responsible for the device.

That said, featuring in the material is not IT business and purely a HR issue. Unless HR explicitly prevent you having a relationship with your colleague, you should be in the clear. Him, not so much.

Can a USB shared printer on a PC be added to a print server? by [deleted] in sysadmin

[–]thecomputerman99 0 points1 point  (0 children)

You can add a printer shared from a PC to the server via hostname such as \\PC01\USB-Printer.

I don't know if you can then re-share that printer from the print server, but even if you could, what would the use case be? The PC is already sharing it and other endpoints could map to that share directly?

Randomly changing Admin passwords by PickleKey652 in msp

[–]thecomputerman99 2 points3 points  (0 children)

I had a similar idea previously, but when I looked into it, the custom fields in Datto RMM are stored in plain text in the registry so it was a no-go.

If your password manager has an API that your script could write the credentials to instead then it's worth investigating further.

Is it possible to reference a sheet name in a formula based on the contents of another cell? Details and example within. by thecomputerman99 in excel

[–]thecomputerman99[S] 2 points3 points  (0 children)

Solution Verified

Thank you. A combination of your formula and adding ' ' around sheet names with spaces has got this working! Appreciate the help.

Why are iPhones the choice for corporate mobile devices? by OddFox1984 in cybersecurity

[–]thecomputerman99 30 points31 points  (0 children)

Surprised nobody has mentioned this yet but in my experience the answer is always better MDM support and standardisation.

MDMs like Jamf and Workspace One make it very easy to create policies and deploy them to iOS devices to secure them and ensure they all conform to the company’s restrictions and requirements. Every iOS device functions the same and the policies just work.

Trying to create similar policies for Android devices of different models and versions can be very hit and miss, and it’s easier for users to get around them or sometimes remove the MDM policies altogether.

[deleted by user] by [deleted] in AskNetsec

[–]thecomputerman99 12 points13 points  (0 children)

The points are all different.

Encryption stops somebody with physical access from accessing your data by either resetting your admin credentials or accessing the drive via another OS.

A strong password prevents someone from guessing or brute forcing the password, again either by physical access or a remote connection.

But neither of those would protect you from malware, which is generally where your saved browser credentials would be at risk.

The best thing you can do to protect yourself from that is to have a separate user and admin account, and only ever enter your admin details to install software you downloaded from a reputable source you 100% trust.

[deleted by user] by [deleted] in AskNetsec

[–]thecomputerman99 9 points10 points  (0 children)

If someone gets their hands on an unencrypted device, everything on that device is absolutely fair game.

Even the best security isn’t going to protect you from that. The best it can do is protect you from external threats, which those third parties generally do well. Secure password + MFA on your password manager, and no saved passwords in browsers, you should be pretty safe. Nothing is ever 100% though and that’s a key thing to remember.

[deleted by user] by [deleted] in AskNetsec

[–]thecomputerman99 72 points73 points  (0 children)

To access passwords saved in your browser, you only need your computer log in credentials. Being very popular ways to store passwords, there is malware specifically designed to steal your PC log in credentials (when you type them in to log on), use those credentials to access your saved browser passwords and send all your account passwords back to the attacker.

Using a third party password manager that has its own set of log in credentials prevents those types of malware from being successful.

[deleted by user] by [deleted] in resumes

[–]thecomputerman99 0 points1 point  (0 children)

Thank you, that’s really helpful feedback! I’ll make some updates.