Virigoth
Apr 28, 2009

Corona rules everything around me
C.R.E.A.M. get the virus
In the ICU y'all......




How is the AWS openjdk version? Have you tested it any?


The Iron Rose
May 12, 2012

:minnie: Cat Army :minnie:
someone talk to me about SOC 2 compliance.

I've just been asked (and will officially be asked tomorrow) to take over for a consultant preparing this SaaS shop for SOC 2 compliance. It's part of a business division and split into a new company/new domain. I'm designing their domain architecture, updating their logging/SIEM infrastructure, implementing role-based security, that sort of thing. But otherwise I don't know poo poo about SOC 2 other than general security best practices and some pretty useless free PDF checklists.

betterinsodapop
Apr 4, 2004

64:3
Recommendations for VPN? Currently using the Win10 built-in VPN. We use Meraki for our network poo poo.
Buddy of mine suggested PureVPN.

The Fool
Oct 16, 2003


What are you trying to do? You say you're using the built-in VPN client but talk about using a hosted VPN service instead? What's wrong with the built-in Meraki client VPN service?

Nuclearmonkee
Jun 10, 2009


The Fool posted:

What are you trying to do? You say you're using the built-in VPN client but talk about using a hosted VPN service instead? What's wrong with the built-in Meraki client VPN service?

Yeah built in OS client vpn connecting to a meraki MX seemed to work fine when I messed with it at my last job. If you just need basic remote access VPN functionality it works perfectly fine.

freeasinbeer
Mar 26, 2015

by Fluffdaddy

The Iron Rose posted:

someone talk to me about SOC 2 compliance.

I've just been asked (and will officially be asked tomorrow) to take over for a consultant preparing this SaaS shop for SOC 2 compliance. It's part of a business division and split into a new company/new domain. I'm designing their domain architecture, updating their logging/SIEM infrastructure, implementing role-based security, that sort of thing. But otherwise I don't know poo poo about SOC 2 other than general security best practices and some pretty useless free PDF checklists.

Run.

Edit: I got through it as a SaaS shop and the only infra guy on staff and it’s a nightmare of bullshit that will eat up your time. Your company will also cheap out on auditors who don’t comprehend any sort of cloud stuff and anything that isn’t a 100 person team with dedicated folks for networking, security and compliance. Your company thinks it needs it for that big deal but has no idea what goes into it and if it’s a startup it’s a big waste of time at this point.

There is even stuff built into it that looks for things like fully staffed CCBs, having executive sign off and separation of duties.


Edit2: our saving grace was infra as code through terraform and ansible. If you're doing this on Windows may *deity of choice* help you.

freeasinbeer fucked around with this message at 03:30 on Feb 8, 2019

Coredump
Dec 1, 2002

Does OneNote have the ability where I can define some brackets or quotes and it will format the text inside a way I define? I want a way to highlight and change font on code as I make a document on a server I'm building.

jaegerx
Sep 10, 2012

Maybe this post will get me on your ignore list!


SE dumped a poo poo pile on us yesterday. Been here a while and has no idea how poo poo works so he just escalates ticket. He escalated too far this time and now I can’t find him in our company registry.

Whoops maybe next time do your job.

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

Docjowles posted:

There seems to be a widely held belief that the Oracle JDK is somehow massively superior to openjdk in terms of performance and stability. I've gotten a lot of pushback or at least skepticism about switching our apps from running under Oracle to "that rinky dink openjdk bullshit". We're a huge open source shop and don't pay for anything unless we have to, so that was particularly surprising.

I think that used to be the case, but for modern versions they are the same loving thing. The Oracle version just includes commercial support, and some value-add libraries and features that we don't use at all.

Embrace openjdk, and enjoy one less reason to have Oracle in your life.

There’s always the AWS version of OpenJDK:

https://aws.amazon.com/corretto/

Virigoth posted:

How is the AWS openjdk version? Have you tested it any?

I have not, but Corretto is being fully embraced here. I can’t speak to any customizations or deltas between AWS openjdk and other forks.

Agrikk fucked around with this message at 06:08 on Feb 8, 2019

orange sky
May 7, 2007

Wells Fargo's disaster recovery failed so their poo poo was down for hours lmao what a trash fire

Test your DR sites folks

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


Oh, so that's why my plan to do my taxes tonight failed when I couldn't access my mortgage documents.

Methanar
Sep 26, 2013

by the sex ghost

bull3964 posted:

Oh, so that's why my plan to do my taxes tonight failed when I couldn't access my mortgage documents.

If your bank burns down your house is free

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k

Methanar posted:

If your bank burns down your house is free

Didn't you watch Mr. Robot? You also have to destroy the paper copies

Bullet Magnet
Sep 26, 2007
it's THAT GUY!

Sepist posted:

Didn't you watch Mr. Robot? You also have to destroy the paper copies

Didn't you watch Fight Club? You also have to destroy all the branches in New York City.

TerryLennox
Oct 12, 2009

There is nothing tougher than a tough Mexican, just as there is nothing gentler than a gentle Mexican, nothing more honest than an honest Mexican, and above all nothing sadder than a sad Mexican. -R. Chandler.

orange sky posted:

Wells Fargo's disaster recovery failed so their poo poo was down for hours lmao what a trash fire

Test your DR sites folks

WTF isn't that a SOX compliance violation?

AreWeDrunkYet
Jul 8, 2006

TerryLennox posted:

WTF isn't that a SOX compliance violation?

Is there a regulation Wells Fargo hasn't run afoul of in the last decade? At this point it wouldn't be surprising if they were caught burning laptop batteries in an open pit.

Docjowles
Apr 9, 2009

Agrikk posted:

There’s always the AWS version of OpenJDK:

https://aws.amazon.com/corretto/

Our devs want Java 11 which Amazon hasn't released yet, but I am aware and watching with interest :)

Zorak of Michigan
Jun 10, 2006


TerryLennox posted:

WTF isn't that a SOX compliance violation?

SOX says you have to have a DR plan. Only experience can tell you it doesn't work. I'd like to imagine it will make their audit more of a challenge next year, but let's face it, they'll tell the auditors some crap about improvements they've made and get waved through.

On the other hand, if their own figures tell them they lost a significant amount of money, that might actually create some real interest in fixing the problem.

rafikki
Mar 8, 2008

I see what you did there. (It's pretty easy, since ducks have a field of vision spanning 340 degrees.)

~SMcD


Can anyone recommend a resource to dig into BGP? I know the barest basics, but I'm having to do more and more of it for routing in AWS. I'm muddling my way through with guides and google, but could really do with learning the fundamentals so I can troubleshoot better. I don't need to know how it works across the public internet right now, but it's the stuff like how every VPC has two tunnels built to my firewall and uses BGP to route traffic across both that I want to understand better.

e: preferably with labs. I'm open to the idea of paid material if needed.

rafikki fucked around with this message at 17:14 on Feb 8, 2019

Docjowles
Apr 9, 2009

I asked the same thing last year and got a great reply from our pal madsushi

madsushi posted:

There are three books that will teach you almost everything you need to know about BGP. They're all still great. If they mention something like "this is a new thing that's rolling out", it's been out forever and assumed standard. :)

Book #1 - Halabi / Cisco


Book #2 - Stewart / Juniper

BGP4: Inter-Domain Routing in the Internet

Book #3 - Norton

Internet Peering Playbook (most of this content is available for free at drpeering.net as well....)


Halabi and Stewart will teach you about the protocols. Norton will teach you about how the internet ACTUALLY works. It's got a lot of the juicy details about peering, PNI, transit, etc that tell you about the actual business side and how agreements are made behind the scenes. If you've never run BGP between companies before, it'll be helpful.

I read the first two books and now know enough BGP poo poo to do AWS Direct Connect / VPN stuff. Can confirm they're both excellent despite their age. I would start with the Stewart book and advance to the Halabi one if you find it didn't go deep enough for you.

tortilla_chip
Jun 13, 2007

k-partite
You want this book: https://www.amazon.com/Internet-Routing-Architectures-Networking-Technology-ebook/dp/B0015V9DQ0

GNS3/EVE/VIRL/your sim of choice will be enough to lab.

rafikki
Mar 8, 2008

I see what you did there. (It's pretty easy, since ducks have a field of vision spanning 340 degrees.)

~SMcD


Halabi and Stewart it is, thanks!

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
I've spent the better part of the week uncovering the deep intricacies of a platform's QoS functionality for a deep dive presentation on changing the functionality to better align with our global QoS policy.

Platform is being decommissioned in 2 months. Why the gently caress do we even bother?

Also this platform was completely abandoned by Cisco so there are no SMEs on their end to help me work through this. I ended up educating our AS guy on how this poo poo works.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


orange sky posted:

Wells Fargo's disaster recovery failed so their poo poo was down for hours lmao what a trash fire

Test your DR sites folks

Last year around Thanksgiving and Christmas I had the worst time with Wells Fargo. Couldn't check my account, couldn't use an ATM because I had my withdrawal limit even when I hadn't used an ATM in months. On top of that one of their recruiters tried to pull me in for a "Cloud Engineer" position. It had nothing to do with Cloud at all and was just basic AD, Storage and Virtualization.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


Methanar posted:

If your bank burns down your house is free

If only.

I now wish it was still offline since after I got access again I finished my taxes and found the lovely "tax cuts" are making me owe money for the first time in 22 years.

bull3964 fucked around with this message at 20:56 on Feb 8, 2019

orange sky
May 7, 2007

Don't worry your money was well spent in share buybacks and yachts with IMAX

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

Docjowles posted:

Our devs want Java 11 which Amazon hasn't released yet, but I am aware and watching with interest :)

Without an NDS in place I can say it's coming soon(tm).

Zorak of Michigan
Jun 10, 2006


Fellow work-from-home types: anyone have a recommendation for a stereo Bluetooth headset? I'm trying to find something comfortable enough to wear all day, with enough battery life to wear all day, a mic that doesn't pick up too much background noise, and with a hard mute button, so I don't have to unlock my phone before I interrupt someone and tell them that we're definitely not doing what they want. Oh, and I have a big fat head, so I'm looking for something without too much clamping force, too. Currently I'm looking at the Jabra Evolve 75 or Plantronics Voyager 8200, and leaning toward the Plantronics.

George H.W. Cunt
Oct 6, 2010





We use the Jabba and it is excellent. I usually get a solid 14 hours per charge

Thanks Ants
May 21, 2004

#essereFerrari


Zorak of Michigan posted:

Fellow work-from-home types: anyone have a recommendation for a stereo Bluetooth headset? I'm trying to find something comfortable enough to wear all day, with enough battery life to wear all day, a mic that doesn't pick up too much background noise, and with a hard mute button, so I don't have to unlock my phone before I interrupt someone and tell them that we're definitely not doing what they want. Oh, and I have a big fat head, so I'm looking for something without too much clamping force, too. Currently I'm looking at the Jabra Evolve 75 or Plantronics Voyager 8200, and leaning toward the Plantronics.

Any reason it needs to be a headset? USB speakerphones are really good now and do the whole noise rejection thing. Treat yourself to a Polycom VoxBox.

tortilla_chip
Jun 13, 2007

k-partite
Bose QC35

lampey
Mar 27, 2012

The Iron Rose posted:

someone talk to me about SOC 2 compliance.

I've just been asked (and will officially be asked tomorrow) to take over for a consultant preparing this SaaS shop for SOC 2 compliance. It's part of a business division and split into a new company/new domain. I'm designing their domain architecture, updating their logging/SIEM infrastructure, implementing role-based security, that sort of thing. But otherwise I don't know poo poo about SOC 2 other than general security best practices and some pretty useless free PDF checklists.

We had SOC 2 audits the last couple years and are going to SSAE16 going forward. It doesn't sound like you are in charge of making policy, or implementing policy if you have no previous experience with SOC 2. So mostly you will just be providing reports to management, information the auditor asks for, and potentially arguing with them if what they are asking for is impractical. Whether the company has a policy, and whether or not they are following policy will depend on what the company was doing last year. Whether this will be relatively easy, or tedious and miserable will depend on the infrastructure and the product, and what the auditor is asking for. Is this the first time you are being audited, or just a followup from previous years?

Zorak of Michigan
Jun 10, 2006


Thanks Ants posted:

Any reason it needs to be a headset? USB speakerphones are really good now and do the whole noise rejection thing. Treat yourself to a Polycom VoxBox.

One of the things I like about dropping my current landline headset and going cell+BT is that I could get up and move around freely, even go downstairs and make myself a sandwich.

Thanks for the recommendations, George and tortilla_chip.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


The Iron Rose posted:

someone talk to me about SOC 2 compliance.

I've just been asked (and will officially be asked tomorrow) to take over for a consultant preparing this SaaS shop for SOC 2 compliance. It's part of a business division and split into a new company/new domain. I'm designing their domain architecture, updating their logging/SIEM infrastructure, implementing role-based security, that sort of thing. But otherwise I don't know poo poo about SOC 2 other than general security best practices and some pretty useless free PDF checklists.

Find out if it's Type I or Type II as that makes a huge difference.

Type I is "Here are our policies and procedures to cover the controls, do you see any gaps."

Type II is "Ok, here's our proof that we are following all the policies and procedures to ensure we are in compliance with our control language."

SOC 2 also has different pillars, so the scope of the audit may be different depending on what pillars your org is going after for compliance.

The auditors will find something, that's their job, as long as you come to with decent mitigation, they are generally happy.

orange sky
May 7, 2007

This is gonna be really crazy

https://twitter.com/NBCNews/status/1094246798313644033?s=19

guppy
Sep 21, 2004

sting like a byob

Friend of mine told me yesterday that WF has no record of his mortgage.

wargames
Mar 16, 2008

official yospos cat censor

guppy posted:

Friend of mine told me yesterday that WF has no record of his mortgage.

congrats on your friend for paying off his house so quickly, also screw WF so hard.

Neddy Seagoon
Oct 12, 2012

"Hi Everybody!"

guppy posted:

Friend of mine told me yesterday that WF has no record of his mortgage.

Just out of curiosity as I'm not up on the US housing market, does that mean he owns the house without debt, or that technically nobody owns the house right now?

Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

Neddy Seagoon posted:

Just out of curiosity as I'm not up on the US housing market, does that mean he owns the house without debt, or that technically nobody owns the house right now?

It means the bank still has a lien on the house but has no record of any money being paid towards the lien


orange sky
May 7, 2007

Vulture Culture posted:

It means the bank still has a lien on the house but has no record of any money being paid towards the lien

Well of course it had to be the worst of all options

Also I imagine that IT department right now telling the board that there's no backups nor a way to get that data back (you just know there isn't)
