I'm still stunned by the ICC having their evidence on Azure.
-
replied to Esther Payne :bisexual_flag: last edited by
@onepict @jaredwhite We have plenty of Cloud Storage in the EU, but Azure is very easily implemented with Windooze computers.
And, as we have managers without any real digital literacy making the decisions, it's very easy to go for the relatively consistent and known cost for the services from MakroSof rather than having, or keeping, the knowledge in house.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@onepict I've had a couple of UN gigs and I can assure you that in at least one of them, the principle of "working as if an adversary has compromised the system" had become "we generally assume that Mossad has compromised our systems in one way or another".
There just wasn't the budget available to ensure that things were secure — and bureaucrats generally don't GAF about things they can't wrap their heads around.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@onepict But here's the kicker — my systems seem to have been sufficiently secure because a couple of years after I quit, I was approached by a state actor who knew about the data therein and had seen the reports generated by them, but they did not have access to the raw data.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@onepict So I guess that the moral of the story is that the UN has the means to self-host in geographically redundant, military grade data centres in Europe, but lacks the competence and will to do so in general.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@alda now that's pretty much the best compliment to your work.
-
replied to Esther Payne :bisexual_flag: last edited by
@onepict I may be breaking confidentiality on tech specifics, but at least I didn't hand the keys over to Mossad.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@alda sadly the UN is not the only organisation.
Which is a frightening prospect.
-
replied to Alda Vigdís 🇵🇸 🇱🇧 last edited by
@alda we have to pick our battles.
So much is wrong with the world, but where we can do something we should.
I don't think you have anything to reproach yourself for.
-
replied to Esther Payne :bisexual_flag: last edited by
@onepict Seems like a good time to remind people of the site: https://european-alternatives.eu/
-
replied to Angela Scholder last edited by
@AngelaScholder @onepict @jaredwhite The Dutch public sector is effectively married to Windows laptops. If there's any good competing mobile device management solution for Linux or *BSD endpoints, I'd love to know about it. Without it, there's no way to use a laptop while complying with governmental security standards.
-
replied to Esther Payne :bisexual_flag: last edited by
@onepict I really, really hope that evidence is secured with a key that Microsoft don't have.
-
replied to craignicol last edited by
@craignicol I think you have to assume they do.
Like worst case scenario and all that.
See the rest of the convo thread
-
replied to craignicol last edited by
@craignicol @onepict The issue is more about the Trump administration forcing Microsoft to glue shut the lock.
-
replied to Angela Scholder last edited by
@AngelaScholder @onepict @jaredwhite @EUCommission Mine is a Seagate 5T also. I also back up on more than one just in case.
-
replied to Beachbum last edited by
@Beachbum @onepict @jaredwhite @EUCommission Well, the WDE 4TB, Canvio 4TB, and Elements 5TB are used in parallel for archiving, and backups, for projects.
Three different brands so it will be highly unlikely for two (or more) disks to fail at the same time. When using three disks of the same brand and size, they might well be from the same batch which happens to be a batch with defects or just a high failure rate.
-
replied to Stijn van Drongelen last edited by
From everything I've found and experienced (though never touched Dutch regulators specifically) it's very difficult to meet those sorts of compliance standards with a Linux machine unless you have some very talented in house Linux engineers to build and support the compliance program. None of the distros do that sort of thing out of the box. Even more frustrating is that you're almost never going to get auditors who know a damn thing about Linux. Whenever I had to work with an auditor at previous corp, I spent most of the audit trying to explain to them how they can't just blindly compare their Windows and Mac controls to Linux and expect a 1:1 match...