My first job out of uni was as an Electronic Systems Engineer in the RAAF designing solid state replacements for SURAD, the ATC radar of the day. One of the hardest things to recreate was Identify Friend or Foe (IFF) tags. In a target rich environment, IFF tags help air defence officers filter good aircraft from bad.
In the old days, web filtering was done centrally - usually by a firewall or web filtering proxy. The technology required all corporate traffic at all sites to be funnelled through such a service, and this in-turn drove a rise in MPLS networks - dedicated networks commonly connecting corporate sites to a central data centre. In a zero-trust environment the network gets simpler. MPLS networks and web filter proxies become redundant and web filtering is done at the device - closer to the user is better. This approach is used by Microsoft as part of their Intune and Windows Defender for Endpoint solutions - sophisticated web filtering that’s difficult to bypass.
If you have Defender for Endpoint licencing, you can enable web filtering by:
1) Logging into the Microsoft 365 Defender portal
2) Scrolling to the bottom of the left blade and select Settings | Endpoints | Web content filtering (under Rules).
3) Adding a policy that includes the categories you want to block, specify the scope, and click Save.
And you are done!
You can also block specific IPs, URLs, or types of traffic (like peer-to-peer) and monitor if someone is attempting access through Reports | Web protection.
Zero trust is not a new term. The concept is based on three pillars - verify explicitly, use least accessed privileges, and assume breach. For example, the corporate network only provides access to applications that contain data you have authority to use. Good security dictates zero trust, in that access to corporate data should not be assumed. And I predict your IT infrastructure will get simpler as a result.
Across the Industry
Submissions open to the Federal Government for the responsible use of AI
Apple Vision Pro headset is demoed at Apple’s WWDC conference
Digitising wastewater systems with Alexandrina Council in South Australia
Listen to a podcast on best practice cybersecurity in higher education
Recent Government Tenders
Department for Education, Children and Young People: Multichannel Messaging Solution (Tasmanian Government Tenders)
South Australia Police: Digital Capability Platform and Support Services (Consolidated Tenders)
Penrith City Council: Core Systems Transformation (VendorPanel)
Narrandera Shire Council: Enterprise Management System (VendorPanel)
The Royal Women's Hospital: Business Intelligence and Analytics Replacement System (VendorPanel)
City of Monash: Legislative Responsibility Solution (eTenderBox)
Greater Western Water: Information Technology eServices Preferred Suppliers (Consolidated Tenders)
TAS Department for Education, Children and Young People: Multichannel Messaging Solution (DECYP ICT 0023) (Tasmanian Government Tenders)
South Australia Police: Digital Capability Platform and Support Services (Consolidated Tenders)
SA Health: Digital Signage and Wayfinding Solution (Consolidated Tenders)
Mansfield Shire council: Microsoft 365 Alignment & Governance Project (TenderLink)
Alpine Shire Council: DR and Backup Renewal (Tenders.Net)
Northern Health: Active Directory - Professional Services (Consolidated Tenders)
Microsoft News
Improving container recycling in Western Australia with Microsoft
Reduce your carbon footprint with the Greener app
Stalling an aircraft, intentionally, was never fun - but necessary to feel the effects of when you lose control. The procedure was to 1) ascend to 4000ft AGL over farmland, 2) jam the throttle control in to idle, 3) as airspeed decreases, keep pulling the stick back to raise the nose and maintain altitude, 4) keep doing this until you feel buffeting, 5) keep going further a bit more and in a few seconds you and your aircraft are in freefall. To return to controlled flight, you do what is counterintuitive - release the stick. This is one reason why nearly 50% of all private pilot accidents involve stalls and half of these result in fatalities. The deadliest times are at take-off and landing, where you are close to the terrain and at low airspeed.
You may know Sentinel as Microsoft’s SIEM. We like it, but there are many other SIEMs out there if Microsoft is not your thing. Anyhow, for under a $100 per month our clients get more sophistication that they can use. It covers controls for the much of the MITRE ATT&CK framework and provides ASD Essential 8 reporting OOTB. Best of all, it provides you with all the ability to run mock incidents to ensure you know what it feels like when a serious security incident is at play. It also gives you the tools to contain and eliminate that attack - and return to straight and level flight. It’s impressive!
Don’t end up like Bernie, washed up on the beach. Get ready now and improve your security posture with tools that help you soar.
Across the Industry
Recent Government Tenders
Microsoft News