#we interact with zero system servers outside of our own | Explore Tumblr posts and blogs

the-sour-patch-crew · 11 months ago

Text

So, to put this up front, we do NOT consider what we do system hopping. But to be clear I WANT to see more people sharing experiences like this. When we talked about this in servers, people automatically assumed we meant system hopping. No. No that is not what this is at all. That is not what we meant by saying I was relaxing with my partner in headspace.

I'm also discussing this as a system that has ZERO metaphysical and spiritual members. I am not a fan of the term being used outside of multi-system systems talking about moving around in their own network.

My partner system @korya-elana and I regularly (more so prior to moving in) imagine our partners in our headspace. It's a delightful way to turn text conversations into fuller, more sensory filled experiences. But these are just projections of eachother. Imagined scenarios. Daydreams. That doesn't mean they do not hold sway or influence over our bodies and minds though. Just because it's a projection doesn't mean it isn't a very real experience for us.

These thoughts we interact with represent our partners and what we would like to be doing together. But they are not our partners. Ashe is not physically or metaphysically leaving our system to hop over to Kay's. She knows Kay is simply imagining her over there like she is imagining him over here. That's how this works.

NOW, could this projected double turn into an introjected version of Ashe in Kay's system? Yeah. But that individual is still just an introjection. It's not Ashe magically jumping ship and leaving this system for good.

While I fully believe that systems can experience members from other systems through daydreams and imagination, I am very against using system hopping to describe experiences like this. If you gain a member from another system, they are an introject, and they did not system hop.

We have a common headspace area, and it's a wonderful place. But it's still its own unique instance in each of our own minds. The Menagerie has theirs, and we have ours.

While I cannot speak for spiritual or metaphysical systems and how they function, I will always be very adamant about keeping it VERY clear about what the reality of system hopping outside of those is. It's extremely dangerous and manipulative to tell someone (with a CDD for example) that it's possible for members to travel to other systems.

So please, share experiences. But also be very clear on your type of system when discussing system hopping. But also, things like this don't need to be described with that term. It's just a nice visit. A nice daydream.

There's a phenomenon with plurality I'm not sure others have experienced but it's one quite regular and even integral in our experiences. For context, this blog answered an ask about system hopping that felt similar to a frequent experience that happens with me and my sys friends.

We all have a connected and shared headspace we can enter that forms from close bonds as a system and on an individual member level. Many of our headmates are family and friends from the same timeline, source, and just naturally form deep bonds that are then integrated after formation.

Our system specifically works by forming a portion of headspace with a new member and this applies to interactions with our sys friends. This usually occurs by interacting so often we can internally see others and interact with them without leaving a system. It's like a very heavy form of imaginative play but it actually affects the body and our headspaces when it happens. We've experienced this for years now and never considered it a kind of system hopping.

Do others experience this? Does anyone have any theories or thoughts? I find this super interesting and I'm hoping this opens interesting doorways in plural circles to figure it out!

#syscourse #system hopping #my fur stands on end when I see system hopping brought up that isnt related to internal system travel

20 notes · View notes

goldira01 · 5 years ago

Link

Before the COVID-19 pandemic, privacy was already at a premium. Now, we’re facing a further dive into the uncharted territory of pervasive privacy intrusions.

Targeted advertising tools in your web browser already track your favorite websites, purchases and habits, and browser privacy is a foregone relic. That data is then centralized under the auspices of a big technology firm’s servers and sold to the highest bidder or leveraged to glean a competitive edge.

Governments maintain wide-ranging surveillance on internet communications, and financial privacy is virtually nonexistent for any bank-related activities — encompassing the vast majority of financial transactions.

Most people care about privacy, and some are very passionate about preserving privacy. But people forfeit much of their privacy through ignorance of the technological mechanisms working behind the scenes of their web browser. They care more about the user experience than the often cumbersome hurdle of protecting privacy.

Even though only 14% of millennials believe that the advantages of technology outweigh the risks of sharing personal data, privacy is continually shuttered to the back seat of mainstream discourse. But privacy is quickly becoming the issue of our time, and COVID-19 — a pandemic ravaging cities around the world — may prove to be the spark necessary for people to understand why.

The unseen and the spark

The general passive response by the broader public around the world to privacy intrusions is worth exploring for several reasons.

First, many people are likely becoming numb to the repeated data scandals that populate the headlines of major media outlets seemingly every week. From Facebook’s Cambridge Analytica debacle, to the Equifax scandal, to the recent dumping of government emails and passwords online during the COVID-19 crisis, data hacks are endemic.

Second, the infiltration of privacy via the web is not a visceral experience. Privacy abuses are silent, working behind the scenes, and they are entirely outside the technical scope of most web users. Ignorance is bliss. The ease with which privacy abuses have proceeded uninterrupted for years has allowed their downstream consequences to fester and aggrandize into severe problems with enormous long-term implications.

And then came COVID-19.

Crises are often an excellent guise for sneaking in further intrusions of privacy at the expense of the public, which is precisely what’s been happening so far.

On the government’s end, a digital dollar has been snuck into the Small Business Administration relief package twice, and the EARN IT Act is a blatant attempt to make encryption illegal on the web. Coincidentally, such legislation that would receive mainstream pushback without a crisis is being considered seriously during a crisis.

The problem is that once apparatuses for abusing privacy are initiated, they’re rarely ever removed with ease. Just look at the Patriot Act and the ripple effect consequences that had on digital privacy.

Big tech firms are also on the receiving end of some highly questionable new developments. Google and Apple’s Bluetooth tracing is the manifestation of full-blown cellular tracking of people’s movements, everywhere. Sound Orwellian? It’s because it is. Google and Apple are feigning privacy with gratuitous front-end encryption gimmicks, but the data is still uploaded to their servers.

Related: How to Keep Data Private With Google and Apple’s Contact Tracing App

Privacy is the issue of our time because our control over it has slowly been eroded over time. We may have become numb to some of the broader abuses and high-profile scandals, but eventually an inflection point will happen. At that juncture, we will need lower-cost, user-friendly and powerful privacy tools to meet the demands of the public.

Fortunately, we’re already on the right track.

A wave of new technology

If COVID-19 ignited a resurgent demand for privacy in the digital age, then the current wave of cutting-edge technology focusing on open-source, peer-to-peer and cryptographic protocols is the foundation to build a new privacy standard — preventing the issue of our time from devolving further into ruin.

The onset of cryptocurrencies sparked a full-fledged grassroots movement in cryptographic primitives. Namely, ring signatures, bulletproofs and zero-knowledge proof technology such as zk-SNARKS. At the heart of these developments are the passionate proponents of privacy who wield number theory and mathematical trapdoor functions to make peering into communications or financial data virtually impossible.

Related: What Are Zk-SNARKs and How Do They Affect Digital Privacy?

For example, the zk-SNARKs used in our company’s protocol obfuscate all transaction details from the public ledger, whether it’s used for decentralized finance applications or simple transfers of large sums of value. Other projects, such as the open-source communications app Signal, rely on encrypted connections between users and are rapidly growing their user bases.

There are even early derivatives of some of the most popular work apps, such as Slack, that focus on privacy. For instance, Keybase is a key directory that maps social media identities to encrypted keys that can be used for coordinating projects and other larger endeavors, similar to Slack.

But privacy often extends beyond encryption and into distribution.

Google and Apple’s servers accumulate the data from all their users, which they hoard and monetize into massive stockpiles of cash. However, open-source and grassroots movements such as the decentralized web, or DWeb — a suite of P2P technologies driving the next iteration of the web — sever the propensity of tech companies to aggrandize data with impunity. By leveraging distributed storage solutions (e.g., InterPlanetary File System), encryption and distributed financial platforms (e.g., Compound), users can interact with similar applications and features without exposing their personal data to third parties.

The user experience was always the limiting factor, though. Previously, maintaining privacy was a hassle that only the most ardent supporters of privacy would go through to achieve a degree of anonymity on the web.

For most users, however, the costs of wielding a virtual private network, private chat app not owned by Facebook or private financial transactions outside the banking system were simply too high.

That’s different now.

For example, our company’s design explicitly caters to a “plug-and-play” audience of businesses, finance professionals and regular users looking to exercise anonymous smart contracts, confidential transactions or a private staking system to generate passive income. Apps such as Signal are climbing App Store download boards, and IPFS is on the precipice of its long-awaited public release.

The new generation of privacy tools is crafted for both individuals and businesses alike. The tools are user-friendly, open-source, don’t monetize your data and are waiting for that inflection point to welcome you aboard a new era of privacy.

You may have never imagined privacy being one of the foremost issues of our time. It has quietly eroded in the background of your favorite experiences as you surf the web. If the COVID-19 pandemic has a silver lining, it’s that the further privacy abuses furtively injected into fiscal relief packages and surveillance under the guise of disease tracking may have awoken the public to the persistent demise of privacy.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Zhengpeng Hou is the CEO of Suterusu, which is working to develop privacy protection over smart contracts, transactions and data for blockchain networks. Zhengpeng is the former director of ZBG Capital and has spent the last 10 years working on software development.

#Timor Invest

0 notes

preciousmetals0 · 5 years ago

Text

Why Privacy Is the Main Issue in the Time of the COVID-19 Pandemic

Why Privacy Is the Main Issue in the Time of the COVID-19 Pandemic:

Before the COVID-19 pandemic, privacy was already at a premium. Now, we’re facing a further dive into the uncharted territory of pervasive privacy intrusions.

The unseen and the spark

The general passive response by the broader public around the world to privacy intrusions is worth exploring for several reasons.

And then came COVID-19.

Crises are often an excellent guise for sneaking in further intrusions of privacy at the expense of the public, which is precisely what’s been happening so far.

Related: How to Keep Data Private With Google and Apple’s Contact Tracing App

Fortunately, we’re already on the right track.

A wave of new technology

Related: What Are Zk-SNARKs and How Do They Affect Digital Privacy?

But privacy often extends beyond encryption and into distribution.

For most users, however, the costs of wielding a virtual private network, private chat app not owned by Facebook or private financial transactions outside the banking system were simply too high.

That’s different now.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

0 notes

hillbillyoracle · 3 years ago

Text

So this post up and took off today (500+ notes in a few hours). I wanna respond to some of the things I’m seeing getting written in tags.

Language of Addiction

I just want to clarify that I’m not saying everyone who uses social media will get addicted or even that it’s naturally addicting.

What I am saying is that there are a percentage of folks who will become addicted. It’s like alcohol. Plenty of people can drink the amount they intend to and in a way that doesn’t harm themselves or their lives but some of us cannot. Same goes for social media.

It’s totally cool if the language of addiction doesn’t work for you. It does for me so that’s why I used it here.

My questions at the end are primarily directed toward people who are looking to make their communities and events accessible. Secondarily to make people a little more mindful if their friends want to maintain friendships outside of social media platforms.

Disability and Social Media

I am physically disabled. I was bedridden/housebound on and off for 3 years. I still isolate because my immune system isn’t the best and I’m at a higher risk for COVID complications.

Disabled or not, if you assume social media is fundamental and required for friendships - that’s a problem. Framing social media dependence as something core to a disabled experience excludes disabled folks with addictive tendencies and really just serves as cover to solidify and identify with a dysfunctional relationship with social media.

If you like social media - that’s fine. But framing it as structurally or systemically related to disability is not only disingenuous, it’s harmful. Identifying with maladaptive patterns means you’re somehow forsaking your disabled identity if you actually improve your life by moving away from it so you and others are less likely to. Let’s not.

The people hardest hit by treating social media as a foundational tech are people who are isolated and can’t go see people in person. I know first hand. That in no way means we HAVE to use it. We aren’t helpless victims to other people’s social media habits. It just means we suffer the most socially when we prioritize our health. There’s a difference.

Does Discord Count?

Totally depends on how you use it and what your relationship with it is.

The main parts of social media platforms that make them it so dangerous are the algorithmically driven feed designed to keep you on the site for as long as possible to sell ads, infinite scrolling, social relationship metrics, and casino based design techniques designed to create craving.

Discord doesn’t have most of that on it’s own. The red notifications when someone @’s you are from casino design but that’s mostly it. The feed is chronological, Discord really only tries to sell you Nitro and not well, and it doesn’t have social metrics itself.

Where you get into trouble are how sever owners design their servers. Some will have social metrics and check in bonuses. Some will create roles you get by participating more or reaching a certain amount of points for talking in the sever. Some servers fuel controversy to get more engagement.

What’s key is watching how you feel when you’re on a given server. Do you feel like you can step away and not miss out on the parts you enjoy most? Or do you feel like you constantly need to be checking notifications or you’ll miss out? Do you maintain friendships with people there outside of the server? Or if you leave the server would you have no real way to keep in touch?

I personally limit the amount of servers I check regularly to ones I really enjoy, actually have formed friendships in, and can use casually.

How to Get Sober from Social Media

I’m working on a whole zine about this at the moment but I’ll pass along a few tips that have been working for me.

Clean up your email. Email is basically a chronological feed of stuff you’ve chosen on some level to interact with. Check out Inbox Zero techniques. If you have gmail, leverage the labels and headings. I have mine set up to autotag emails from friends so they pop up in a subsection of the inbox I can check and even if I archive stuff, it’ll stay easy to find in that subsection. I also have one for content I enjoy reading like newsletters. Leverage your email. Make a new one if you need to that you only use for personal stuff.

Actually deactivate accounts. While it’s not hard to reactivate them, it’s more friction than just logging out or not having it on your phone and it feels more like you’ve made a statement you don’t really want to have to recant. Or at least that’s been my experience. Let folks you want to keep in touch with know about your email or another way to keep in touch then deactivate.

Replace social media with something else. Digital Minimalism by Cal Newport talks a lot about this in the section on the social media detox if you want more, but basically you have to replace social media with something else you enjoy deeply. Ideally an activity you wouldn’t want to give up if you have to choose between it and social media. For me I’ve focused more on my writing, bought a flow toy to learn, and have regular chats with friends through Marco Polo which I’ve enjoyed way more than the sporadic likes and comments I was getting on social media.

But yeah I hope to have more on this soon as I figure stuff out. Like, I’ve got no advice for online dating at the moment and I know that’s one spot where not having social media gets tricky. Especially for poly folks. So I’ll have to do some experimenting there.

Hope this helps!

Unpopular opinion: I think it's worth thinking about social media in terms of sobriety much like we do alcohol.

I get internet addiction is it's own thing but as someone who's been sober for the last 2 years - longest point at any time in my adult life - they fucking feel pretty similar. I finally went all in on cutting out all social media but Tumblr a few weeks ago and I'm having very similar symptoms to when I cut out drugs and alcohol. It's like parts of my brain I didn't realize had shut off are coming back online.

And what I mean by this specifically is that in the same way that we have discussions about lack of sober (per alcohol) spaces in communities - especially the queer community - I think it's worth having those conversations around social media sobriety too.

The people who designed some of our biggest platforms used the same techniques as casino gambling. If every community event was held in a casino and gambling was basically required, we'd probably at minimum have a discussion about it. But mention it with social media and everyone acts like you're against the printing press/reading.

I'm just saying it should be normal to maintain friendships outside of social media. And it's been real slim pickings which friends have kept in touch off of it.

Reminds me of how part of what kept me in the bar scene was because my friends only ever wanted to hang out at them. Which kept me drinking. Which was...not great for me. At minimum.

Not pushing a specific solution - just saying it's worth considering. Does your community have gathering spaces that aren't selling ad space and dictated in part by an algorithm? Does maintaining friendships require a major platform? Can people find out about events without needed to sign up for a Facebook account? Etc.

#additional context #holy crap #this post blew up

4K notes · View notes

ncmagroup · 6 years ago

Text

by ELEN VEENPERE

Solve complicated scenarios with great communication.

In customer service, every interaction matters, and there is no 100% right or wrong way to deal with any situation.

Even though the ability to think on a case-to-case basis is one of the foundations for great customer service, it’s good to have a few customer service email templates ready for some “classic” difficult scenarios for when they do happen.

And they will.

Today, we’re going to share five customer service email templates from our own archives to use for the most challenging of situations.

Using Customer Service Email Templates

The great thing about customer service templates is that instead of just explaining a strategy conceptually, a template helps you see the concept in action.

All of the examples we’ll show you today are actual, real email scripts that we’ve used in our customer service communication.

However, the crappy thing about templates is that if you copy and paste the scripts you find here or anywhere else into your own emails, you’re missing out on a big opportunity to build authentic, human relationships with your customers.

Or even worse, you risk some embarrassing fails:

(Yes, this is real.)

How (SPECIFIC SYNONYM OF “REALLY PISSED OFF”) would you, as a customer who had a bad experience, feel if you received this?

Templates make a zero difference if you don’t genuinely care about making your customers happy and successful. Developing empathy is absolutely the most crucial thing to make your customer support amazing, and it needs to come through in every single email you write.

So, approach these templates carefully. Read them, save them, discuss them and revisit them. Internalize them to understand the main points—but change them to make them your own.

Your customers will appreciate it, and the strategies will work much, much better.

Let’s get started.

Template #1: A Customer Asking for a Discount

Derek Halpern says that discounting can destroy your business.

There are businesses out there that discounts work perfectly well for, but we’re not one of them. Our goal is to make the perceived value of Groove higher, not lower, and discounting is a great way to accomplish the latter.

When a customer asks for a discount, we’ll respond with something like this:

Why this works: It’s empathetic (we know how they feel), personal (we include information about them and their account) and still delivers value (the consultation we’re offering increases the perceived value of Groove through great customer support).

Saying no can be hard, but sometimes it’s necessary to make sure all your customers are on a level playing field and you’re not damaging your business.

Template #2: A Feature Request You’re Not Going to Build

Most software companies get dozens of feature requests every week—and that’s not a bad thing. It means that your users care enough to offer their own ideas and feedback to help you make your product even better for use cases like theirs.

However, not only would it be impossible to build it all, it wouldn’t be smart, either—many requests, though perfectly reasonable, don’t align with what we already know most customers would find valuable.

But flat-out rejection really sucks—it’s a slippery slope to making your users feel like their ideas aren’t worthy. All you need to do is phrase your rejection the wrong way.

We’ve tested 10+ different approaches for this situation in the past few years, and one of them continues to stand out above the rest:

Why this works: It’s personal (we took the time to really think about the idea, and our response makes that clear), it’s positive, and it still delivers value to the customer.

If you’re lucky, your customer will accept that their request will not be fulfilled, but you’ll walk them through an alternative that’ll work for them instead. Win-win.

What if a customer says they’ll flat-out leave if you don’t build what they want you to?

Generally, if a feature is make-or-break, but we can’t justify building it (due to resource constraints or it being outside the scope of our vision/focus), our main goal is still to make the customer happy, even if that means they might leave. For now.

In fact, if the feature is 100% critical for them and we can’t offer a viable alternative, we’ll tell them which of our competitors with that feature we think might serve their needs best.

We get it—the smallest thought of admitting that your competitor has something better can be frightening. However, here’s what happens as a result:

Even though our product might not fit their needs, the customer will know that we went out of our way to guide them towards what’s genuinely best for them. That sort of goodwill goes a long way.

If you do end up building that feature in the future, because of the way you handled the issue, you have a strong case to make for that customer to return.

Both of those things are a better alternative than having a customer who leaves feeling 100% unhappy with our product and likely to disappear for good.

Template #3: A Customer That Needs Babysitting Through a Simple Task

Saying “yes” all the time means that your customers will wind up relying on you for every little thing. This will cost you time and money.

You might think that saying no will offend your customer and potentially destroy the relationship you’ve built. That’s not necessarily the case. In fact, saying “no” can be the best choice for you and your customer—especially when you know exactly how to do it.

There are a number of ways you can go from saying “yes, and” to “no, but.”

First things first, you need to assess the real urgency of the situation at hand—make sure that the issue really isn’t something that requires your immediate and undivided attention:

And then, when you know for sure that it’s a simple issue they’re able to fix on their own, provide them with the resources to do so:

If you have managed to put together a great knowledge base or other self-help solution, your customers will be willing (and eager) to engage. People actually like using self-serve support, especially if the resources are tailored to them.

If their problems aren’t answered in your knowledge base, use it as an opportunity to improve your content there.

Receiving a request to do the customer’s work is an opportunity to teach them how to use your services, and gives you the chance to define expectations.

Why this works: It’s asking the customer to explain the issue to you in more detail, which will automatically make them think rationally and puts them in the mindset of fixing the issue; it’s helping the customer learn about your product and feel accomplished, and it’s still reassuring them that you’re there when they need you.

Template #4: An Angry Customer

Everyone in customer support will at some point have to deal with an angry customer.

Sometimes, the customer is angry because they feel slighted by something you or your company did. Sometimes, they’re venting because they’ve had a tough day and you’re an easy target. No matter what the underlying reason is, how you deal with it will make or break the situation.

The Walt Disney Company is known for being a masterfully run company—businesses pay thousands of dollars to send their employees to the Disney Institute to learn the company’s insights.

And with more than 135 million people passing through the company’s parks and resorts each year, Disney has perfected the art of customer service recovery to create happy and loyal customers.

Their approach to service recovery is a five-step process, easily remembered with the acronym H.E.A.R.D, which stands for:

Hear

Empathize

Apologize

Resolve

Diagnose

First things first—don’t let your customer’s anger influence your own behavior. That is—don’t get angry back.

The next step is to acknowledge your customer’s feelings. Be empathetic, apologize, and make it clear that you understand that they’re upset.

Third, refocus the conversation on what’s most important: the actual problem at handwork to find a resolution to the issue.

Here’s a real example of how you can turn an angry customer into a happy one:

Why this works: It follows the H.E.A.R.D system by empathizing, apologizing, eventually resolving, and helps the customer feel better by knowing that their problem is being taken very seriously.

Template #5: Your Product or Service Is Broken

Anyone in SaaS who’s been through a serious server outage knows the sinking feeling of realizing that all of the support emails in your inbox are coming in from upset customers who are wondering why the product they pay for isn’t working.

This has happened to us, too. One of the most devastating moments in our product history was when one of our servers had a meltdown a few years back—a crapstorm of many dimensions.

Fortunately, the support emails we sent saved us more than a handful of customers.

Here’s the email we used:

Why this works: It was informative (it included all of the details we knew at that time, with no obfuscation), empathetic (we were clear that we knew how terrible this was for our customers), apologetic and personal (including Alex’s email address and the promise of a follow-up).

Note: just as important as saying the right thing in this situation is making sure you actually do keep updating your customers regularly until a conclusion is reached. You hate being kept in the dark, and your customers do, too.

Using Customer Service Email Templates to Improve Your Support

The customer service email templates we shared today are for very specific situations, but the concepts in them (empathy, sharing information, promises that you’ll keep, etc) can be applied to just about every support situation you run into.

Above all: dig deep to understand and appreciate how the customer feels, and respond the way you’d want to be responded to.

Do you have any particular scripts or approaches you love to use? Or any tough situations you’d like help dealing with?

Let us know in the comments!

Go to our website: www.ncmalliance.com

5 Customer Service Email Templates for Tough Situations by ELEN VEENPERE Solve complicated scenarios with great communication. In customer service, every interaction matters, and there is no 100% right or wrong way to deal with any situation.

0 notes

terabitweb · 6 years ago

Text

Original Post from Microsoft Secure Author: Todd VanderArk

Zero Trust has managed to both inspire and confuse the cybersecurity industry at the same time. A significant reason for the confusion is that Zero Trust isn’t a specific technology, but a security strategy (and arguably the first formal strategy, as I recently heard Dr. Chase Cunningham, Principal Analyst at Forrester, aptly point out).

Microsoft believes that the Zero Trust strategy should be woven throughout your organization’s architectures, technology selections, operational processes, as well as the throughout the culture of your organization and mindset of your people.

Zero Trust will build on many of your existing security investments, so you may already have made progress on this journey. Microsoft is publishing learnings and guidance from many perspectives to help organizations understand, anticipate, and manage the implications of this new strategy. This guidance will continue to grow as we learn more. A few highlights include:

Maturity model—Describes the Zero Trust journey.

CISO Workshop Module 3: Identity and Zero Trust User Access—Learn how to advance Zero Trust with your identity and user access strategy.

Improve security with a Zero Trust access model—Microsoft Corporate Vice President and CISO, Bret Arsenault, describes how Microsoft is approaching Zero Trust with advice for applying learnings to your organization.

Zero Trust: A new era of security—E-book summarizing dynamics of Zero Trust and how Microsoft technology supports it today.

Zero Trust landing page—Overview and links to resources, assessments, etc.

In previous posts of this series, we described Microsoft’s vision for an optimal Zero Trust model and the journey of our own IT organization from a classic enterprise security to Zero Trust. Today, we focus on what a good strategy looks like and recommended prioritization (with a bit of history for context).

Zero Trust security continuously validates trustworthiness of each entity in your enterprise (identities, applications and services, devices) starting each with a trust level of zero.

Evolution of security strategy

The central challenge of cybersecurity is that the IT environment we defend is highly complex, leading security departments (often with limited budgets/resources) to find efficient ways to mitigate risk of advanced, intelligent, and continuously evolving attackers.

Most enterprises started with the use of a “trusted enterprise network,” but have since found fundamental limitations of that broad trust approach. This creates a natural pressure to remove the “shortcut” of a trusted enterprise network and do the hard work of measuring and acting on the trustworthiness of each entity.

Network or identity? Both (and more)!

The earliest coherent descriptions of the Zero Trust idea can be traced to proposals in the wake of the major wave of cybersecurity attacks. Beginning in the early 2000s, businesses and IT organizations were rocked by worms like ILOVEYOU, Nimda, and SQL Slammer. While painful, these experiences were a catalyst for positive security initiatives like Microsoft’s Security Development Lifecycle (SDL) and began serious discussions on improving computer security. The strategy discussions during this timeframe formed into two main schools of thought—network and identity:

Network—This school of thought doubled down on using network controls for security by creating smaller network segments and measuring trust of devices before network controls allow access to resources. While promising, this approach was highly complex and saw limited uptake outside a few bright spots like Google’s BeyondCorp.

Identity—Another approach, advocated by the Jericho Forum, pushed to move away from network security controls entirely with a “de-perimeterisation” approach. This approach was largely beyond the reach of technology available at the time but planted important seeds for the Zero Trust of today.

Microsoft ultimately recommends an approach that includes both schools of thought that leverage the transformation of the cloud to mitigate risk spanning the modern assets and (multiple generations of) legacy technology in most enterprises.

Prioritizing and planning Zero Trust

Microsoft recommends rigorous prioritization of Zero Trust efforts to maximize security return on investment (ROI). This default prioritization is based on learnings from our experience, our customers, and others in the industry.

Align strategies and teams—Your first priority should be to get all the technical teams on the same page and establish a single enterprise segmentation strategy aligned to business needs. We often find that network, identity, and application teams each have different approaches of logically dividing up the enterprise that are incompatible with each other, creating confusion and conflict. See the CISO workshop video, Module 3 Part 3: Strategy and Priorities, for more discussion of this topic.

Build identity-based perimeter—Starting immediately (in parallel to priority #1), your organization should adopt identity controls like Multi-Factor Authentication (MFA) and passwordless to better protect your identities. You should quickly grow this into a phased plan that measures (and enforces) trustworthiness of users and devices accessing resources, and eventually validating trust of each resource being accessed. See the CISO workshop video, Module 3 Part 6: Build an Identity Perimeter, for more information on identity perimeters.

Refine network perimeter—The next priority is to refine your network security strategy. Depending on your current segmentation and security posture, this could include:

Basic segmentation/alignment—Adopt a clear enterprise segmentation model (built in #1) from a “flat network” or fragmented/non-aligned segmentation strategy. Implementing this is often a significant undertaking that requires extensive discovery of assets and communication patterns to limit operational downtime. It’s often easier to do this as you migrate to the cloud (which naturally includes this discovery) than it is to retrofit to an existing on-premises environment.

Micro-segmenting datacenter—Implement increasingly granular controls on your datacenter network to increase attacker cost. This requires detailed knowledge of applications in the datacenter to avoid operational downtime. Like basic segmentation, this can be added during a cloud migration or a net new cloud deployment easier than retrofitting to an on-premises datacenter.

Internet first clients—A simple but significant shift is when you move client endpoints from being on the internet part-time to full-time (versus sometimes on corporate network and sometimes remote). This is a straightforward concept, but it requires having already established a strong identity perimeter, strong endpoint security and management over the internet, publishing legacy applications to your internet clients, dedicated administrative workstations, and potentially other initiatives before “rolling back” the firewalls from clients.

What good looks like

Zero Trust is a model that will ultimately be infused throughout your enterprise and should inform virtually all access decisions and interactions between systems.

Expanding on the three principles of Zero Trust from the Zero Trust vision paper—Verify Explicitly, Least Privilege Access, and Assume Breach—the hallmarks of a good enterprise Zero Trust strategy include:

Continuously measure trust and risk—Ensure all users and devices attempting to access resources are validated as trustworthy enough to access the target resource (based on sensitivity of target resource). As technology becomes available to do it, you should also validate the trustworthiness of the target resources.

Enterprise-wide consistency—Ensure that you have a single Zero Trust policy engine to consistently apply your organizations policy to all of your resources (versus multiple engines whose configuration could diverge). Most organizations shouldn’t expect to cover all resources immediately but should invest in technology that can apply policy to all modern and legacy assets.

Enable productivity—For successful adoption and usage, ensure that the both security and business productivity goals are appropriately represented in the policy. Make sure to include all relevant business, IT, and security stakeholders in policy design and refine the policy as the needs of the organization and threat landscape evolve. For more information, see Meet Productivity and Security Goals.

Maximize signal to increase cost of attack—The more measurements you include in a trust decision—which reflect good/normal behavior—the more difficult/expensive it is for attackers to mimic legitimate sign-ins and activities, deterring or degrading an attacker’s ability to damage your organization.

Fail safe—The system operation should always stay in a safe state, even after a failed/incorrect decision (for example, preserve life/safety and business value via confidentiality, integrity, and availability assurances). Consider the possible and likely failures (for example, mobile device unavailable or biometrics unsuccessful) and design fallbacks to safely handle failures for both:

Security (for example, detection and response processes).

Productivity (remediation mechanisms via helpdesk/support systems).

Contain risk of attacker movement into smaller zones—This is particularly important when you’re reliant on legacy/static controls that cannot dynamically measure and enforce trustworthiness of inbound access attempts (for example, static network controls for legacy applications/servers/devices).

Into the future

Over time, we expect Zero Trust will become accepted and commonplace where people simply learn it in “Security 101” (much like the least privilege principle today). Zero Trust is expected to evolve as we all become more comfortable with what this new normal entails and have ideas on how to optimize efficiency and address the attackers’ ongoing attempts to find a chink in the new armor.

Zero Trust

Reach the optimal state in your Zero Trust journey.

Learn more

Our next blog will discuss how to make Zero Trust real in your enterprise starting with technology available today, which you may already have deployed or have access to! In the meantime, bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Zero Trust strategy—what good looks like appeared first on Microsoft Security.

#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: Todd VanderArk Zero Trust strategy—what good looks like Original Post from Microsoft Secure Author: Todd VanderArk Zero Trust has managed to both inspire and confuse the cybersecurity industry at the same time.

#Microsoft Security

0 notes

automaticduckcollectorus-blog · 8 years ago

Text

The best ways to Ranking Higher On Google.com In 2015.

Asphalt 8: Airborne is actually a driving activity where you can easily take the wheel of some of the planet's fastest cars and also travel via numerous easily-recognizable landscapes coming from throughout the world - plus all of that while carrying out difficult jumps at inconceivable velocities. This is actually actually very easy to participate in, as well as the funny political style creates this all the more better, however, the activity can get bothersome if you do not turn off the appear that detail specifically what each and every single electrical power up does. As well as merely to oppose ourselves: cost-free video games with in-app purchases are great, and also commonly provide you an excellent experience without having to compensate. However, when you receive great at all of them you'll locate that you're frequently said to when to cease, if you want to regrow one thing or reach the next level. If you do not have any type from travel insurance coverage, your life can be threatened, either practically or even in terms of the financial harm the medical prices can inflict upon you. Aside from this, Namibia- Traveling & Explore guides you Why, When as well as The best ways to explore different places in Namibia with accurate site on the detailed Map. The retro-style geometric design of your little hero fox and the yards he runs through are actually fun to check out, and the soundtrack is zippy as well as memorable. Pick this choice if recognize computers ... or even understand travel ... or even know you are actually quite determined/picky. Since this's part of Microsoft, anticipate it to stay a competitor one of the best activities on Android. Our company are actually the leading involved trip manual for greater than 300 places across the globe. Examine out Freja and also the Part two and also prep to be actually pleasantly weirded out if you're looking for a break off the common mobile phone video games you are actually used to. Overall the game is a bit of a variety, yet it's a fun one to use to flaunt your new console to buddies. Madden NFL Mobile gives great exciting whether in the course of halftime or even break opportunity at the workplace-- so long as you do not mind being somewhat slowed down due to the antiques part. Transform the Universe Details 4 and also the hub off for a minimum of 10 secs, at that point switch all of them back and retry the connection. For those which don't know, Airbnb enables people to rent out spare areas to arbitrary vacationers. http://buyit-direct.vn/princess-hair-mat-na-cho-toc-danh-gia-ket-qua-mua-o-dau/ to think this is. Therefore although Peep Show (The Quotatron) isn't really specifically an interactives media tour-de-force, having as it does around 50 audio quotes coming from 2 of one of the most twisted, tortured as well as amusing personalities devoted to TV, it over compensates by being incredibly amusing. A 90s timeless resuscitated (unlike its own primary protagonist), Grim Fandango Remastered is a prosperous effort at restoring among the Personal Computer's finest journey games from perpetuity. Yet it is actually an exciting little bit of device to always keep about, and I may share from experience that handing an individual a physical image implies a great deal more than an electronic one. Fingerprint Blood Pressure Checker Prank is the very best use for misleading your friends. Your medical insurance could pay you for medical costs the moment you compensate and find your very own exit from medical center in Bangkok as well as rebook your traveling after missing an air travel. When you take a trip along with another person, the journey is more about your common adventures, which can be a fantastic trait sometimes, but certainly not constantly. It's not the absolute most feature-packed or even actually state-of-the-art game in the world, but if you've appreciated Just Dance video games previously this appears to be a very serviceable version. In fact, this high blood pressure display treatment is a prank, this treatment presents you high blood pressure, reduced high blood pressure as well as ordinary blood stream raised blood pressure in high blood pressure and sweets test prank possesses no connection with your bp. This is actually a fantastic introduction that permits you practice tactics and play as numerous video games as you will like if you are actually new to cribbage. That additionally doesn't suggest simple, pick-me-up games should be disqualified as Activity of the Year. If you really want a greater megapixel the specific pixels must be much smaller, small pixels are terrible at low illumination. She is actually aware you may not be as trip oriented as her but she will definitely constantly be actually exciting, have exactly what lifestyle must use and also help you do the very same. One plus included a dash battery charger function which demanded the phone to 40%, in the same time as my phone charged to 3%. Crazy ... however we located that a person And possesses some significant concerns with GPS so enjoy yourself aiming to participate in Pokemon SELECT this. Oh, and when I actually desire to laugh (since whatever is dark good enough nowadays), I am actually watching season four from Brooklyn 99 on Netflix, which I think is one of the absolute most consistently comical shows being actually made right now. Similarly, I have actually heard AT&T refuse insurance policy to unlocked Sony or even Nokia Symbian phones that may not be officially portion of the provider's lineup. So go forward and also take an outing to a close-by city or even a month-long ride all over Europe-this. is your lifestyle to reside as well as you are worthy of to have the travel experiences you really want. With the upsurge of premium treaties like the superb Sony Cyber-shot RX100 V taking the rumbling from portable travel zooms, Panasonic's reaction has been actually to maintain the camera body concerning the exact same dimension as its own earlier ZS/TZ-series cams but to press a much bigger sensing unit in to the Lumix ZS100 (referred to as the Lumix TZ100 outside the US). There are actually a number of circumstances when this is useful when this comes to travel investigation. Alone World online also offers everyday estimates for finances travel under Costs. That'll zero in on your location and then smartly get you from A to B, delivering all type of traveling alternatives as well as directing, and also, where relevant, online opportunities for transportation. When you have actually put in the hosting server on your target's COMPUTER as well as the controller on yours, you can open up as well as close their Compact Disc drive, play crazy sounds or turn up sharp containers on their monitors. The Pop Color tool is actually especially appealing, enabling you to quickly alter the hue of a certain aspect of your photo. Most of their applications as well as activities are well-regarded through moms and dads and are wonderful for younger children. That carries out possess a ton of the required in-app upgrades, however you might not mind if you possess sufficient exciting applying for each of Gotham's enemies. Feel free to observe that certainly not all phones assist the Android system needed for DOCTOR Car parking 4. However you are actually proposed to always keep the body improved. Teenagers investigate a course off school to a clinic that provides contraception and also STD tests, and jot down its own discretion policy. Having said that, while Microsoft isn't really marketing the perk, your brand-new console upgrade can also enhance the efficiency of some games. The five-stage degree sets are developed to be finished in plain secs, yet additionally to crack your mind as well as problem your fingers. For the iPhone, AT&T additionally needs added traits, which can make that too high for visitors to unlock their apple iphone in a timely manner. Featured are some outstanding trivia activities as well as quiz games, featuring You Aren't sure Jack, Fibbage, Quiplash, Drawful, Deception Swatter, as well as others. If Modern Fight 5 is decision from Duty of the Play Shop-- recognizing, naturally, the non-traditional Ring of Duty games available-- at that point N. V.A. 3 is the Halo. Suffice to mention that my Petrolhead buddies state that is among the most effective auto activities out there, and also the customer reviews agree.

0 notes

howdoitechtk-blog · 8 years ago

Text

How to make a smart mirror in home conditions?

The magic mirror of the future won’t just say you’re the prettiest of them all. It’ll also tell you the time, date, weather outside, upcoming calendar appointments, and more. In fact, you can make such a smart mirror right now. All you need is a Raspberry Pi and some DIY work.

A smart mirror is featured on one of these amazing videos to peek into the future. You can’t yet buy a smart mirror, although that should happen soon enough. For now, your only option is to build it yourself. It’ll cost you roughly $300 to start from scratch, but you can easily cut costs and get it down to $100. Especially if you use the low-cost, hacker-friendly Raspberry Pi.8 Amazing Videos to See Smart Homes in Action 8 Amazing Videos to See Smart Homes in ActionPeople have been living in smart homes for 20 years! So what kind smart home tech of tomorrow can actually be demonstrated today? Let's see the life that awaits us in the near future, not...READ MORE

Why You Need a Raspberry Pi

A smart mirror is basically a mirror with a screen behind it. That screen can be an Android tablet or a computer monitor. Naturally, a monitor will make for a larger mirror. It’s also a great way to repurpose an old LCD monitor. But you can’t cram a full computer in there, unless you use a Raspberry Pi.

The Pi is basically a credit card-sized computer. It runs Linux-based operating systems, and has a large community of developers. In fact, the smart mirror DIY community prefers the Pi over all other methods. Throw in its $35 price tag and it’s a no-brainer to use this over any other gadgetry.9 Things You Wanted to Know About Raspberry Pi 9 Things You Wanted to Know About Raspberry PiWhat is a "Raspberry Pi"? Who made it? What's the point? What can you do with it? Let's find answers for all the frequently asked questions about the Raspberry Pi.READ MORE

At the moment, no one has made a smart mirror with the $5 Raspberry Pi Zero. It should be possible, but you’d need to add network connectivity.

What You’ll Need

Whichever smart mirror project you decide to do from this list, there are a few elements you’ll always need. To make your search easier, and to stop repeating ourselves, here are the most important components.

A Two-Way Mirror

It’s a smart mirror, so it should be no surprise that you actually need a mirror, right? The project requires a two-way mirror, which you can buy at TwoWayMirrors.com or head to your local hardware store. Ideally, get it from the site since you can customize the height, width, and edges. It has become so popular among the DIY crowd that it has a separate smart mirror price calculator now.

An LCD Monitor

This is the best way to make use of any old computer monitor you have lying around. Behind the mirror, you’ll be installing a monitor. You could buy a new one, but you’ll save big bucks by buying used devices instead. Hit up Craigslist or Freecycle and you’ll likely find one for cheap. Needless to say, the monitor needs to be smaller than the mirror.The Ultimate Guide to Buying Used Devices The Ultimate Guide to Buying Used DevicesI bought my current laptop, a 2011 Macbook Pro, on Craigslist almost four years ago. Here are some tips I picked up during my quest.READ MORE

A Raspberry Pi

So far, no one has made a smart mirror with the $5 Pi Zero. So your cheapest option at the moment is using a Raspberry Pi B for around $20 and adding a Wi-Fi dongle. If you can afford it, get the new $35 Raspberry Pi 3 (CA/UK), which has built-in Wi-Fi. Choose the product and distributor that’s best for you on the official site.

A Wooden Frame

Something to hold together that mirror and the monitor behind it. You can optionally skip this step, but it’ll look a bit rough around the edges, and require serious cable management. Your local hardware store should sort you out.

Along with these, you’ll need all the basic tools required with them. So make sure you have a screwdriver, screws, sander, woodworking tools, and so on.

MagicMirror²: The Original Open-Source Pi Smart Mirror

This is the MagicMirror². There are many like it, but this one is Michael Teuw’s. He was among the first to build and document the entire smart mirror process with a Raspberry Pi. In fact, he made all his work open source and modular, so that anyone could build their own and improve on it.

Michael has written a six-part series on the MagicMirror², so you can read all about it on his blog. He’ll take you through the full setup and build.

The best part is how easy he has made the process. Run a simple bash script from MagicMirror², and your Raspberry Pi will be ready to go. The default modules include a clock, a calendar, weather forecast, news feed, and a complimentary message. And people are building third-party modules that you can install.

If you’re new to the world of smart mirrors, this is the project to start with. It has a large community around it and you can ask for help on the MagicMirror² forum.

MirrorMirror: The Best Hardware Guide

Dylan Pierce’s MirrorMirror isn’t related to MagicMirror, but it’s just as useful. Mainly because Pierce’s original blog post is the best step-by-step guide to the actual building process.

Pierce broke from the norm and installed Raspbian on his Pi, then loaded Chromium to run on startup. Finally, he made his own web page and server.How To Install An Operating System To Your Raspberry Pi How To Install An Operating System To Your Raspberry PiHere's how to get a new OS installed and running on your Pi – and how to clone your perfect setup for quick disaster recovery.READ MORE

Before you make your own smart mirror, read the full post. Pierce was building this smart mirror as a gift. So he has taken care to ensure it looks brilliant. There are useful steps in here, like how to remove a monitor’s bezel or cable management. But the jewel of the piece is in his woodworking.

If you aren’t familiar with woodworking but want to make a frame for your smart mirror, Pierce’s build is the best. He even set up a MirrorMirror forum for any help you need.

The Voice Controlled Smart Mirror

You can actually interact with Evan Cohen’s smart mirror by talking to it like an Android phone. And yes, it still runs on a Raspberry Pi — you don’t need an Android device.How to Control Your Android Device Entirely with Your Voice How to Control Your Android Device Entirely with Your VoiceWant to control your Android phone or tablet completely with your voice? This official app from Google makes it surprisingly easy.READ MORE

Cohen has provided the full documentation of how to build, install, and operate his smart mirror. The video is really impressive, and it works with several third-party apps. For example, you can control smart LED lights like Philips Hue by talking to your mirror.

This one too has a wonderful, detailed hardware guide. If you’re planning to build it, use the provided guide instead of Pierce’s method.

Smart Mirror Mini: The Cheapest Yet

If you don’t want to spend much on your first build, go with Nathan Patrick’s build. The Smart Mirror Mini costs just less than $100 to build.

He cut down the size to save cost, using a 7-inch screen instead of a full-size. So the display area will be limited, but remember, you can still use a larger mirror if you want to. Maybe only use one corner of your entire mirror instead of the whole surface.

The Gesture-Controlled Smart Mirror

Can you make a touchscreen smart mirror? Yes, it’s possible. But that means fingerprint smudges. It’s smarter to use gesture-control. For that, you need Hover, a Raspberry Pi expansion module for gesture and touch sensors.Five Great Raspberry Pi Expansions That Make It Even More Useful Five Great Raspberry Pi Expansions That Make It Even More UsefulYour Raspberry Pi is versatile and at times amazing, but are you harnessing the full power of that little box? Power-up your Pi with these 5 expansions!READ MORE

Builder Adam Laycock still hasn’t got the whole thing working well, so you can follow his blog to see where this goes. Or if you’re a coder yourself, play around with the Hover repository to build your own gesture-controlled tools.

The Coolest Mirror Yet: Touchscreen Smart Mirror

Ryan Newlan made the absolute best smart mirror we have seen so far. It looks cool, but more than that, it does cool things. It’s a touchscreen mirror with a bunch of great apps.

You can watch YouTube videos. You can browse Reddit. You can control your Nest smart thermostat. You can even hail an Uber! Newlan hasn’t shared how he made it, so we don’t know if this uses a Raspberry Pi or not. But just look at it! Oh yeah, it’s real.How to Install and Use the Nest Thermostat to Automate Energy Savings How to Install and Use the Nest Thermostat to Automate Energy SavingsIf you've ever considered getting started with home automation, purchasing a Nest thermostat is the perfect way to start. In just a week of using it, we cut our energy consumption in half.READ MORE

Smart Mirrors: Raspberry Pi vs. Others

If you’ve made a smart mirror, we want to see what it’s like. So share a link in the comments below.

More importantly, if you’re going to make one yourself, would you build one with the Raspberry Pi or go with a different device? Android-based smart mirrors seem easier, since there’s no coding involved. But they’re also much more limited by screen size.

0 notes