How and why did I virtualize my home perimeter firewall? Why? Cost. It’s really cheap and I get a lot more extra functionality virtualizing everything compared to buying a separate device to use as a firewall. Ease of Management. I can migrate and manage the firewall without needing to physically touch the hardware. Because it’s really ...

Securitycontrols.org has moved. It used to be hosted in Wix. Here’s some additional information about the migration. Why Jekyll? I was looking for a blog friendly platform that could build to static pages with relative ease. Here’s why I picked Jekyll over a traditional CMS Cost Static websites are extremely cheap to host and can be safely...

The Basics Security Configuration Hardening is the practice of changing configurable settings for various applications and platforms in such a way as to improve security configuration. Products such as Windows and Linux do this to some extent but generally have features and settings enabled for compatibility reasons that are risky to have if th...

Why take backups? If you’re here, you probably already have decided you need backups; if so, feel free to skim through this section. If you’re new to the idea of backups or want a recap though, please keep reading. Backups are generally designed to protect the data you care about. This data can be anything you want and are generally things lik...

What is a “Personal VPN” As I’ll be using it in this article, “personal VPN” or just simply “VPN” will refer to VPN (Virtual Private Network) services for the masses: Nord VPN, ExpressVPN, Private Internet Access, etc. These VPN services allow you to tunnel your internet activities for your devices to another location in the world; a selection...

Let’s explore the risk and some of the pros and cons of periodic password rotation. I’ll try to explore both arguments for and against rotation so you can decide if it makes sense for you or your organization.