The Importance of Firewalls

Firewalls are an under-utilized line of defense. A presentation I watched from a member of the Microsoft team said that many people, and companies, either leave default host firewall rules or disable them altogether. The default firewall rules are block inbound except for established connections and allow outbound unless it matches an explicit block rule. By itself, this is a useful concept, but the inbound rules allow more than necessary for most people. They are designed to just work in most environments as soon as the computer is connected.

A better move is for people installing computers to spend some time focusing on what traffic should actually occur in their networks. If nobody needs SSH in, then disable it. I found that I could disable many inbound rules, I had no use for them. On a server, I also try to block outbound connections when possible. In competition environments, I set inbound and outbound to deny and then pull a list of allow rules from GitHub. These rules are configured down to the program or service. Firewall rules in Windows are such an important factor in stopping communication, data exfiltration, network exploration, and virus distribution. Building these rules also gives a much better understanding of the kinds of communication that is happening on a network. I am surprised that more people don’t utilize these rules.

~Connor Shade

Advertisements

NIS cyber-security regulations

The technology landscape is ever-evolving. There have been numerous cyber-security breaches over the last couple years. Equifax, Target, Panera Bread, and Atlanta ransomware attack are just a few that have had rippling effects. Cyber-security laws are more important than ever. The threat landscape keeps evolving and more attacks keep happening. According to a Symantec report, the amount of malware has grown from just above 300 million to over 430 million between 2014 and 2015. The following is an example that shows we are moving in the right direction and how important cyber-security is in today’s world.

The Directive on Security of Network and Information Systems (NIS) is the first cyber-security legislation passed by the European Union. The aim is to achieve a high standard of network and information security across all EU member states. The NIS directive is the first of its kind in that it affects the entire European Union to boost the overall level of cybersecurity. NIS sets a range of requirements that apply to operators of essential services and digital service providers. Essential services, in this scenario, refers to energy, transport, banking, financial market, health, and water supply. These institutions have until May 2018 to meet the requirements.

At least 432 businesses are expected to be affected by these regulations. These regulations aim at improving infrastructure resilience for UK critical infrastructure providers. One important thing to notice is that not all of a companies’s operations are affected by the NIS directive. Companies will need to do their own evaluation to determine what’s considered essential services. The UK government identified 14 high-level security principles that companies will need to comply with.

References:

https://digitalguardian.com/blog/what-nis-directive-definition-requirements-penalties-best-practices-compliance-and-more
https://www.scmagazine.com/at-least-432-uk-businesses-to-be-affected-by-nis-cyber-security-regulation/article/760985/
https://www.itgovernance.co.uk/nis-directive

 

— Smayan Daruka

Networking in the Hospitality Industry

In the hospitality industry and nearly every other field, networking is an extremely important tool in advancing one’s career. One of the most effective ways to network is to attend conferences and conventions that pertain to your field where you can see new innovations, learn about best practices, and most importantly, speak with professionals in the industry that can be potential contacts that can be useful in the future.

When looking for conferences to attend, one useful method for finding these events is to look to leading associations and organizations in the field who usually host or at least have a large presence at these events. For example, in the hospitality industry, the National Restuarant Association (NRA) and the Hospitality Financial and Technology Professionals (HFTP) are two large associations in this field.

The HFTP hosts many conferences throughout the year and also co-hosts many other events. These conferences are great for anyone wishing to break into the hotel and tourism industry and especially learn about new technologies that help those in that industry.

The NRA hosts a variety of events including summits and other conferences that are more focused on the restaurant industry. These events and this association, in general, is a great networking tool for those wishing to enter the field of restaurant management.

When it comes to networking in any industry, start by finding associations that have a large presence and seek out the conferences and events they host or co-host. The networking gained at these events can go a long way in advancing your career.

-Thomas Skowronski

United States Oil Production Infographic

Giberson Map Final

This infographic was created to enhance the significance and importance of United States Oil Production. United States Oil production is minimal in accordance with the world total as shown while the specific state totals are also shown.

-Troy Giberson

Tech Comm Infographic