Information Security Leader, Author, Instructor and Speaker

How to Stop Phishing Attacks

Most successful attacks begin with a simple message. Here is what every organization should know about eliminating email-based malware.

How Real Is the Threat?

It’s very real. It may be tempting to dismiss phishing attacks as a tactic of the past, but attackers continue to rely on them because they work. Verizon studied hundreds of security breaches in 2019 and found that phishing was the most common method for successful attacks. 

Published May 2020 in BizTech Magazine.
Read the full article: How to Stop Phishing Attacks

Posted in Articles | Leave a comment

IDC PlanScape: Privacy Engineering

“Meeting privacy expectations of management and stakeholders requires a cross-functional approach with contributions from business leaders, privacy professionals, technologists, and cybersecurity teams,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP).

IDC Research Report published May 2020.
Read the full report: IDC PlanScape: Privacy Engineering

Posted in White Papers | Leave a comment

Tech Tips for Colleges Using Zoom for Remote Learning

Last summer, I had the opportunity to teach an undergraduate course in my university’s online summer program. I took a course that I had delivered in person many times and worked with my school’s digital learning team to transform it into a hybrid digital format that combined a series of short five- to 10-minute videos with weekly live online sessions over Zoom. Little did I know that my experiment was setting the stage for the most disruptive change to hit higher education in my career. 

I feel quite fortunate to have that remote class under my belt as I take part in the rush to move online this semester. Here’s some practical advice from that experience that might help you as you adapt to online learning.

Published April 2020 in EdTech Magazine.
Read the full article: Tech Tips for Colleges Using Zoom for Remote Learning

Posted in Articles | Leave a comment

3 Tips for Protecting a VPN in the Face of Major Vulnerabilities

Last year, the Department of Homeland Security issued a vulnerability notice that disturbed many in the cybersecurity community: Several popular virtual private network solutions insecurely stored authentication cookies in their memory or log files.

An attacker gaining access to that information could steal a legitimate user’s session and gain access to services protected by the VPN without going through the normal authentication process.

Published March 2020 in FedTech Magazine.
Read the full article: 3 Tips for Protecting a VPN in the Face of Major Vulnerabilities

Posted in Articles | Leave a comment

Best Practices for Ensuring Data Security in the Cloud

Cloud solutions offer virtually limitless potential to educators. From interactive learning management systems to parent communication portals, cloud-based technologies provide state-of-the-art educational tools without the large investments required to build and maintain technical infrastructure. It’s no surprise that schools and districts around the nation are quickly embracing these tools as the future of educational technology.

These benefits do come with risks, however. Faculty and administrators often embrace the educational advantages offered by the cloud but remain wary of the security and privacy implications of using cloud-based platforms. To ensure their use of technology doesn’t create security or privacy headaches, here are five best practices that educators should follow.

Published February 2020 in EdTech Magazine.
Read the full article: Best Practices for Ensuring Data Security in the Cloud

Posted in Articles | Leave a comment

The 5 Cybersecurity Must-Haves for Every Business

Walking the exhibition hall at a modern cybersecurity trade show can be a dizzying experience. Vendors from every angle tout products bearing seemingly urgent new capabilities (and new acronyms to match). The unspoken implication is that failure to purchase the latest solution will result in certain cybersecurity doom.

It’s hard to separate the signal from the noise to determine which security solutions will really move the needle for a business.

Here’s the thing, though: Robust cybersecurity programs revolve around a core set of solutions that provide the foundation for a strong cybersecurity operations team. Let’s take a look at a few of the technologies that should be in almost every business environment today.

Published December 2019 in BizTech Magazine.
Read the full article: The 5 Cybersecurity Must-Haves for Every Business

Posted in Articles | Leave a comment

Adapt These Settings for a Faster Windows 10

When Microsoft launched Windows 10 in 2015, the company set a goal of hitting 1 billion installed devices within three years.

Two years later, 500 million devices were running Windows 10. That’s a little behind Microsoft’s aggressive target, but half a billion installed devices is a tremendous footprint. Now that we’re approaching the January 2020 end-of-life deadline for Windows 7, Windows 10 will continue to gain steam in higher education and beyond.

As it does, IT professionals can take a few simple steps to tweak performance and improve the user experience. Windows 10 includes new features that provide better power management and troubleshooting. Those tools, combined with some traditional Windows techniques, can dramatically improve the end-user experience and stretch limited IT budget dollars by extending the usable life of endpoint hardware.

Published November 2019 in EdTech Magazine.
Read the full article: Adapt These Settings for a Faster Windows 10

Posted in Articles | Leave a comment

Plan Well for a Hybrid Cloud Environment and See Efficiencies

Early on, cloud computing promised to simplify enterprise computing, transferring mundane work to service providers. But agencies that have not completed cloud migration — or for whom total migration is impractical — wind up operating multiple computing environments.

Hybrid IT environments, whether they involve multiple cloud providers or a mix of off- and on-premises facilities, bring flexibility to agency technology operations, yet also add complexity that can be a management challenge. This is especially problematic in an environment of shrinking financial and human resources.

Let’s take a look at ways that agency technology leaders can get their arms around hybrid cloud operations and put their limited resources to the best possible use.

Published November 2019 in FedTech Magazine.
Read the full article: Plan Well for a Hybrid Cloud Environment and See Efficiencies

Posted in Articles | Leave a comment

Lessons Learned from Six Major Data Breaches

“Every security breach that we read about in the news provides us with an opportunity to reflect upon the root causes of the situation and use those breaches to improve our own security posture. High-profile breaches offer us the ability to learn from the mistakes of others, rather than repeating them ourselves,” said Mike Chapple, adjunct research analyst, IDC.

IDC Research Report published October 2019.
Read the full report: Lessons Learned from Six Major Data Breaches

Posted in White Papers | Leave a comment

Security, Privacy and Confidentiality: What’s the Difference?

Campus administrators and faculty understand the importance of protecting sensitive student information. The past two decades have brought us a variety of laws and regulations dictating how we handle student records, as well as a series of high-profile security incidents that underscore the importance of rising to meet these obligations. 

As we discuss the criticality of protecting sensitive student information, we often throw around three terms: confidentiality, security and privacy. While many people use these terms interchangeably, they actually refer to separate but related concepts. Institutions seeking to mature their data protection practices will benefit from providing their constituents with a clear understanding of these interrelated concepts.

Published October 2019 in EdTech Magazine.
Read the full article: Security, Privacy and Confidentiality: What’s the Difference?

Posted in Articles | Leave a comment

Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.

Full Biography

@mchapple