security - Jonsdocs

Sign in Subscribe

security

IT security tips.

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 6: A plan for when it all goes wrong

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here. Sometimes, things go wrong - be that a flat

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 5: Encrypt devices

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here. Encryption is the process of making information unreadable unless

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 4: Backups (and test them)

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here. Having only one copy of your data is a

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 3: Good passwords (or passkeys)

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here. Password guidance has changed many times over the years,

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 2: MFA everywhere you can

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here. I sometimes get asked what the biggest tip is

The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.

protect your organisation

Tip 1: User security education

🛡️This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series is published from 23rd June 2025 over two weeks and you can view other posts in the series here. The first post in this series is about education,

Infosecurity Europe 2025 "hero image".On the right is a human face made up of vertical lines in purple,pink,green gradient.On the left is a wavey pale blue green shape.

Infosec Europe 2025, day 1 (Tuesday)

Thoughts on day 1, 3rd June 2025.

BIOS passwords - do we still need them?

BIOS passwords - do we still need them?

BIOS passwords - to set or not to set, that is the question.

Screenshot showing three icons, one for "PROA MS Videx" and the other two for database files.

Authentication flaws and responsible disclosure

When I worked for the local council it was part of my job to review software and systems that were going to be installed or implemented. On one occasion that led me to review a door entry system that was being offered as part of a tender, and I found

A slanted piece of white paper with check boxes and a list, with a gold padlock over the top.

Security questionnaires

Security questionnaires seem to be never-ending, and present a number of challenges. Here's my experience, along with some tips.

3d text saying "H F CON".The "F" is lying down.There is a pale yellow background with mauve & white shapes at the borders.

Human Firewall Conference

Human Firewall Conference 2023

A summary of my notes from the SoSafe Human Firewall conference, November 2023.

"ISC2 Spotlight" written in white on a green background, with "secure software development" in blue on a white background.

ISC2 Secure Software Development

ISC2 Spotlight: Secure Software Development conference - day two

Yesterday's conference sessions were interesting (you can read about them here), and today is the last day of the conference. Today's agenda: * Secure by Design: CISA's Plan to Foster Tech Ecosystem Security * SigStore to Secure the Code Supply Chain * What You Need to Know

"ISC2 Spotlight" written in white on a green background, with "secure software development" in blue on a white background.

ISC2 Secure Software Development

ISC2 Spotlight: Secure Software Development conference - day one

ISC2 (formerly (ISC)²) ran an online only "spotlight" (conference) on secure software development this week on the 8th and 9th of November. As this directly aligned to my work's industry (I work for a software development company), I took the time to attend this. ISC2 members

A login prompt requesting a username and password. There is an orange alert triangle to the left of the text boxes.

Single sign on: why it's good for account management

Single Sign On (SSO) is a mechanism for authenticating to separate systems using a single identity (you can read the Wikipedia article & definition here). Ever seen the "login with Facebook" or "Sign in with Apple" type buttons on websites? That's SSO at work.

Screenshot of Virus Total saying 14 out of 61 vendors believe the file is malicious.

A QBot near miss, and a look at what might have been

A look at some malware that would have been delivered to a colleague, but they noticed something dodgy was happening!

An orange rucksack with a gold padlock and labelled "go bag". In front is a torch / flashlight and some bottles of water.

A cyber security incident response "go bag"

I've heard this concept discussed before yet have failed to actually put one together. I started drafting this post back in October, when the concept came up again at a talk during (ISC)² Security Congress 2022 (day one, during "Incident Response Ready - Key Steps of a

When do you pay the ransom?

When do you pay the ransom?

Should you pay the ransom when attacked with ransomware? I don't think there's a clear cut answer to that...

Playing with honeypots: part 4

Playing with honeypots: part 4

Looking at a different attack on the honeypot I investigate an attempt to deploy a crypto currency miner.

Playing with honeypots: part 3

Playing with honeypots: part 3

Having built a honeypot and published it to the Internet, it's time to see what the attackers tried to do.

Playing with honeypots: part 2

Playing with honeypots: part 2

I build my honeypot in Microsoft's Azure cloud using open source software.

Playing with honeypots: part 1

Playing with honeypots: part 1

Let's look at what honeypots are, and why we might use them.

Receiving a security disclosure for an old subdomain

Receiving a security disclosure for an old subdomain

After receiving a security disclosure from a security researcher I knew I needed to investigate.

Thoughts on home automation / smart homes - security (part2)

home automation

Thoughts on home automation / smart homes - security (part2)

Considering privacy and security with the IoT and smart homes.

What is a Next Generation firewall?

What is a Next Generation firewall?

A look at Next Generation firewalls and the extra services they often provide.

What is a firewall?

What is a firewall?

A quick look at what a basic firewall is, and how it works.