October 5, 2025 | 06:00

Why Every Windows AD Should Be Kept Offline

Not only since my seven security tips1 have I been getting questions about why I prefer to keep Windows and an Active Directory2 offline. That may sound inflexible, and in an era of AI-generated cybersecurity slop3 I may look like an outsider. So in today’s blog post I provide more context, explain the technical background, and lay out how ransomware works. Read more

September 18, 2025 | 10:00

What's Not Written Doesn’t Exist

A typical day in a mid-sized company. The already overworked developer, deep in crunch mode1 gets a quick note: “Would you please make the open invoices visible in the overview of all customers for this project?” Dutifully, he nods. He knows it’s an important project, the task isn’t technically difficult and the boss likes quick and simple solutions. Read more

August 20, 2025 | 17:30

How to measure IT Success?

A typical crisis meeting scenario: The Management and myself as an external consultant or information security officer sitting in a conference room: Our processes are being slowed down by too many security requirements. Employees are complaining. ‘Your’ IT security is becoming a risk to our business. Read more

July 13, 2025 | 16:26

From Minstrel to Heretic

It was the early 2000s and I was sitting there with a massive brick from Microsoft Press.1 The proud price back then: 129 Deutsche Mark. I flipped through it and felt a déjà vu: I knew these pages! Not in terms of content, but the layout, the structure, the examples, even the icons in the side notes: These were the lost manuals of the 1990s! Read more

© 2025 Tomas Jakobs - Imprint and Legal Notice

Support this blog - Donate a Coffee