IT Pro Tuesday #171
Get this in your inbox each week.
Welcome back to IT Pro Tuesday!
The results from our recent threat survey are in. We explored the extent to which companies understand and are prepared for ransomware, and the results were eye-opening. You can read all about it here.
In case you missed it, tomorrow's free educational webinar, “What's New in Windows Server 2022,” will offer a full breakdown of the brand-new OS and a deep dive into the standout features that will have the biggest impact to organizations looking to upgrade to Windows Server 2022. Presenters are Microsoft MVPs Andy Syrewicze and Paul Schnackenburg. Details here.
We're looking for your favorite tips and tools we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.
As always, we’re updating the full list on our website here. Enjoy.
But on with this week's tools...! Here are the most-interesting items that have come across our desks, laptops and phones this week. Hornetsecurity has no known affiliation with any of these unless we explicitly state otherwise.
A Free Tool
OCS Inventory is an asset-management solution that discovers the soft and hard composition of each machine and server as well as the active elements on your network. A web console allows you to view inventory results and the detected network hardware and to create deployment packages. Our thanks for this one go to hoeskioeh.
Everything You Always Wanted to Know About Optical Networking is a tutorial that can provide a basic understanding of how fiber works, its power characteristics, how to work with optics, DWDM, dispersion and the latest state-of-the-art optical technologies and trends. A shout out to notFREEfood for the suggestion.
Another Free Tool
EasyJob helps you organize and execute all your PowerShell and BAT scripts from a single interface. Its author, akshin1995, explains: "As a sysadmin, I use many PowerShell scripts on a daily basis. To make them more accessible, organized and easy-to-execute, I created this tool using .NET 5. Decided to share it with the community—maybe it might be useful for someone."
NIST Password Guidelines and Best Practices are considered by experts to be the gold standard for password security because of how well researched, vetted and applicable they are for the private sector. Find out if your organization is using password practices that are outdated or even counterproductive, so you can keep your data safe. The value of this resource is fully appreciated by sheps, who adds, "Honestly, it worries me the amount of IT pros glossing over these requirements."
This suggestion from wells68 can help ease user panic resulting from tech issues so you can improve outcomes: "Sometimes users don't realize it, but they are looking for some emotional support along with a fix for their problem. We techies tend to believe that emotions have no legitimate place in a support call. But, hey, if it helps end the call faster, it's in our interest to be a little supportive. A friend of mine who supports complex software, gets frantic calls from one of her clients. After listening to the problem, first thing she does is ask the client about their cat. Client loves the cat and calms down talking about it. My friend interrupts (doesn't make sense to 'waste' too much time) after a few moments, says something nice about the cat, and immediately asks a specific question about the problem. She gets much better results faster. As for users who have trouble following directions, shoot them a link from your KB which has both an illustrated step by step and a link to a screen video. Don't have them? Your company should make it easy and efficient for you to create them and should incent your team to do so. You will still get pushback and obvious questions, but it can save you some time and aggravation."
P.S. Bonus Free Tools
Certbot is an open-source tool that allows you to enable HTTPS on manually administered websites through the automated use of Let’s Encrypt certificates. owenthetechie recommends it as "the EFF's version of certify the web that is completely free."
Crossfeed is a joint CISA/DDS designed tool that can continuously monitor your company's public-facing attack surface to discover assets and potential security vulnerabilities. Offers both passive and active scanning modes that collect data from a number of open-source tools and data feeds through a self-service portal. Provides actionable reports on organization assets and allows you to customize the scans performed. Kindly shared by -PF-.
Have a fantastic week and as usual, let us know any comments.