RT @kfalconspb@twitter.com

Break time: if a room full of IT people don’t lock they’re devices, how can we expect the users to?

🐦🔗: twitter.com/kfalconspb/status/

No kidding, I have that conversation way to regularly. Especially the sudo leadership types. The do as I say folks. Because good security practice is for everyone else but them. Lead by example people. ✌️

For the (ok I have to tag you to make you shudder @jerry ) active directory we just set the locking screensaver to on after time
Not the best way, but better then nothing

(And yes I know the watch trick but prefer the netflix hack for my system)


@ITsecJ @ironmonkey I think that is a perfectly reasonable thing to do via AD. I’m not anti-AD. I’m anti-the way most people [mis]use AD.

LoL nothing like going on to a client site and seeing a) Default-First,-Site and B) a DC that hasn't replicated in so long tombstone passed and client resets pwd manually in multiple DC because as their it guy says "it's humped up" code for I haven't the slightest clue as to what I am doing. 👍 The stuff you see out there...

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.