My first job out of uni was as an Electronic Systems Engineer in the RAAF designing solid state replacements for SURAD, the ATC radar of the day.  One of the hardest things to recreate was Identify Friend or Foe (IFF) tags.  In a target rich environment, IFF tags help air defence officers filter good aircraft from bad.

In the old days, web filtering was done centrally - usually by a firewall or web filtering proxy.  The technology required all corporate traffic at all sites to be funnelled through such a service, and this in turn drove a rise in MPLS networks - dedicated networks commonly connecting corporate sites to a central data centre.  In a zero-trust environment the network gets simpler.  MPLS networks and web filter proxies become redundant and web filtering is done at the device - closer to the user is better.  This approach is used by Microsoft as part of their Intune and Windows Defender for Endpoint solutions - sophisticated web filtering that’s difficult to bypass.

If you have Defender for Endpoint licensing, you can enable web filtering by:

1) Logging into the Microsoft 365 Defender portal.

2) Scrolling to the bottom of the left blade and selecting Settings | Endpoints | Web content filtering (under Rules).

3) Adding a policy that includes the categories you want to block, specifying the scope, and clicking Save.

And you are done!

You can also block specific IPs, URLs, or types of traffic (like peer-to-peer) and monitor whether someone is attempting access through Reports | Web protection.

Zero trust is not a new term.  The concept is based on three pillars - verify explicitly, use least privilege access, and assume breach.  For example, the corporate network only provides access to applications that contain data you have authority to use.  Good security dictates zero trust, in that access to corporate data should not be assumed.  And I predict your IT infrastructure will get simpler as a result.

Across the Industry

Recent Government Tenders

Microsoft News

Stalling an aircraft, intentionally, was never fun - but necessary to feel the effects of when you lose control.  The procedure was to 1) ascend to 4000ft AGL over farmland, 2) jam the throttle control in to idle, 3) as airspeed decreases, keep pulling the stick back to raise the nose and maintain altitude, 4) keep doing this until you feel buffeting, 5) keep going further a bit more and in a few seconds you and your aircraft are in freefall.  To return to controlled flight, you do what is counterintuitive - release the stick.  This is one reason why nearly 50% of all private pilot accidents involve stalls and half of these result in fatalities.  The deadliest times are at take-off and landing, where you are close to the terrain and at low airspeed.

You may know Sentinel as Microsoft’s SIEM.  We like it, but there are many other SIEMs out there if Microsoft is not your thing.  Anyhow, for under $100 per month our clients get more sophistication than they can use.  It covers controls for much of the MITRE ATT&CK framework and provides ASD Essential 8 reporting OOTB.  Best of all, it gives you the ability to run mock incidents so you know what it feels like when a serious security incident is at play.  It also gives you the tools to contain and eliminate that attack - and return to straight and level flight.  It’s impressive!

Don’t end up like Bernie, washed up on the beach.  Get ready now and improve your security posture with tools that help you soar.

"A change in perspective is worth 80 IQ Points" 