Computer News & Safety – Harry Waldron Rotating Header Image

July 30th, 2018:

Leadership – ROI based training for development in next decade JULY 2018

The John Maxwell leadership training center shares value of adding an ROI to their leadership development programs to further enhance the future health of their organizations.

http://johnmaxwellcompany.com/blog/driving-key-performance-outcomes-through-high-roi-leadership-development

Every successful business trains its employees. But how is this leadership development measured? Is it measured at all? Attaching an ROI to leadership development is critical to building better teams, enhancing effectiveness, and boosting the bottom line.  Our Organizational Effectiveness Survey (OES) asks pointed, pre-engagement questions that uncover key data insights related to:

1. Overall Health of Culture: Does your company have a leadership culture focused on change, improvement and optimization?

2. Willingness to Change and Improve: Are your leaders transforming skilled people into engaged employees; are these employees willing to follow your leaders?

3. Employee Engagement: Are your employees committed to their work and organization in a way that drives consistent productivity?

4. Customer Satisfaction: How important is customer care and the customer experience to your organization’s leadership team?

WHY MEASURE LEADERSHIP EFFECTIVENESS? — Executive coaching is an impactful way to assess and improve the effectiveness of an organization. According to a study published by the Center for Creative Leadership, 95 percent of people polled stated that executive coaching was worth the time and effort.  The OES identifies 28 behavioral and business practice competencies within 4 functions of the organization: Leadership, People, Strategy and Performance.

THE LEADERSHIP RELAY — According to Deloitte Human Capital Trends, 56 percent of executives report their companies are not ready to meet leadership needs. High-ROI leadership development will be key in securing seamless transitions in management that will occur over the next decade. It’s time for companies to look forward, constantly assessing and encouraging the leadership qualities of their younger, or perhaps, newer employees.

THE INTANGIBLE ASPECTS OF COMPANY CULTURE — While benefits and workplace flexibility are frequently discussed topics of company culture and work happiness, the intangible aspects of company culture are far more important to worker loyalty and productivity. What are these intangible aspects? Companies that foster collaboration (when possible) and a team mentality through inclusive leadership perform better. Strong leadership qualities of communication, empathy, and service translate into a respectful, engaging, and exciting workplace.

INVESTING IN THE FUTURE — A successful model of leadership promotes personal growth. Measurable mentorship programs and professional development opportunities in the form of continuing education, advanced certification, and taking on new roles or additional responsibilities that are then recognized by management are crucial to your employees feeling encouraged to set and pursue goals and develop skills.

Leadership – Adding a Business Coach as a mentor JULY 2018

The John Maxwell leadership training center shares value of adding a “business coach” as a mentor for your own career development:

http://johnmaxwellcompany.com/blog/personal-trainer-but-no-business-coach

There are professionals and programs available to help people achieve all types of goals — people hire coaches to help them lose weight, get fit, get sober, improve their finances and their relationships.  You should think of a business coach or leadership program as a personal trainer for your professional “fitness.”   We all set professional goals. But ask yourself this: What active steps am I taking to achieve them. Below are advantages for adding a mentor to help build improved leadership skills for the future:

1. The Power of Accountability — One of the most significant reasons successful people meet or exceed their goals — both personal and professional — is accountability. Accountability can mean the difference of staying on track and making progress towards a goal.

2. Taking Professional “Me Time” — Utilizing a business coach or professional network is a great way to focus on your own professional development.

3. Designing Your Own Motivation  — A good source of external accountability will also guarantee that you will focus on your goals more often. Setting a routine of professional development — checking in on your own progress, setting and meeting smaller, benchmark goals — is essential to building momentum.

Microsoft Azure – New Firewall add-on preview launched JULY 2018

Microsoft Azure is introducing a new “beta” version of a Firewall facility designed to protect cloud based applications.  In it’s 1st iteration it is mainly designed to protect OUTBOUND traffic initially, as described below:

What is Azure Firewall?

https://docs.microsoft.com/en-gb/azure/firewall/overview

In this post, I will explain what the new Azure Firewall, recently launched in preview, can do and what it cannot at this time.  There is no shortage of firewall options in Azure for network security at the transport (Layer-4) and application (Layer-7) layers of the network stack.  The features today are:

***  High availability (HA): You do not need to deploy multiple instances for high availability as you do with NVAs. The appliance has built-in HA.
***  Cloud scalability: Another reason for scaling out the number of NVAs and load balancing them is to increase the scale of throughput. The Azure Firewall will scale to handle your throughput and bandwidth requirements.
***  FQDN filtering: You define a whitelist of fully qualified domain names (you can use wildcards) of external URLs that can be reached from your network. This approach will limit data leakage and prevent remote control by malware. This is the set of “where to rules”.
***  Network filtering rules: Rules based on source, destination, protocol, and port will limit what kinds of traffic can leave your virtual network. This is the set of “what rules”.
***  Outbound SNAT support: The Azure firewall is deployed with a standard-tier public IP address. All traffic leaving the virtual network is identified to the Internet using this address.
***  Azure Monitor: All events can be traced in the Azure Monitor, and archived to a storage account, event hub (external systems), or Log Analytics (OMS).

What Azure Firewall Cannot Do — What I first heard of Azure Firewall I thought it would replace NVAs. As it turns out, based on what the Azure Firewall is today in its preview release, it won’t. But the current preview release is a very early one, and I think Microsoft is slowly developing Azure Firewall to get it right, instead of rashly rolling out a bunch of unready features. So, I kind of understand what they are doing.  Today the Azure Firewall is not a solution for protecting a network against inbound threats. You cannot set up NAT rules for inbound traffic. It does not have rules or filters for publishing internal applications either. Today, Azure Firewall only cares about outbound traffic.

Security – Black Hills RITA open source toolkit

Black Hills Information Security has introduced an open source security vulnerability analysis tool called RITA (Real Intelligence Threat Analytics) as described below

https://isc.sans.edu/forums/diary/Using+RITA+for+Threat+Analysis/23926/

https://www.blackhillsinfosec.com/

I installed and tested this open source framework called Real Intelligence Threat Analytics (RITA) that was recently updated against my BRO logs.  “This open source project, born from Black Hills Information Security, is now developed, funded and supported by Active CounterMeasures”. A full description of RITA’s capabilities and the code is available here.  I used the automated script (install.sh) with CentOS 7 which I download from here. The installation is straight forward and it verified my setup to make sure everything is installed on my box. It supports some interesting features such as:

1. Beaconing Detection
2. DNS Tunneling Detection
3. Blacklist Checking
4. URL Length Analysis
5. Scanning Detection