Jurisdictions around the world, including the European Union and Canada, are enacting laws and creating regulations forcing companies that collect personally identifiable information (PII) to store the data of their residents within their national boundaries. This concept is known as data residency and the idea is that local privacy laws will apply to data stored locally. Since privacy laws differ depending on the jurisdiction, it makes sense that Europeans, for example, want to be protected by their own laws. The problem is that data residency has never provided this kind of protection and recent court rulings in San Francisco and Canada highlight this fact.
As some of you may know, over the past few weeks, I have been publicly taking the $ 550 Billion Microsoft (Nasdaq: MSFT) to Active Directory Security School (see PS3 below) because today global security literally depends on Active Directory Security.
In case you're wondering why, here's why -
The Importance of Active Directory Security
From the White House to the British Houses of Parliament, and from Microsoft to the Fortune 1000, at the very foundation of IT, identity and access management, and cyber security at over 85% of all organizations worldwide today lies Active Directory.
In other words, the foundational security of thousands of government and business organizations depends on Active Directory.
To paint a picture - Governments, Militaries, Law Enforcement Agencies, Banks, Stock Exchanges, Energy Suppliers, Defense Contractors, Hospitals, Airlines, Airports, Hotels, Oil and Gas Companies, Internet, Tech and Cyber Security Companies, Manufacturing Companies, Pharmaceutical Companies, Retail Giants ... <the list is long> all run on Active Directory.
Operating in the Dark
Given my background, experience and whatever little I know about the subject, I have reason to believe that most organizations worldwide that operate on Active Directory are operating in the dark today, and have absolutely no idea as to exactly who has what level of privileged access in their foundational Active Directory!
Further, because over the last decade, almost 10,000 organizations from across 150+ countries worldwide have knocked at our doors unsolicited, we know exactly how much these organizations know about Active Directory Security, and we're shocked to know that 99% of them don't even know what "Active Directory Effective Permissions" are, and upon giving this due thought, we have arrived at the conclusion that the world's complete ignorance on this most paramount aspect of organizational cyber security can be attributed to the fact that Microsoft has likely not even once educated its customers about its importance!
Let There Be Light
So, I made an executive decision that we need to educate the $ 550 Billion Microsoft Corp about the paramount importance of "Active Directory Effective Permissions", so that they can in turn educate the thousands of vital business and government organizations at whose very foundation lies Active Directory about its sheer and cardinal importance.
Make no mistake about it - no organization that operates on Microsoft Active Directory today can be adequately secured without possessing the ability to determine effective permissions on the thousands of building blocks of cyber security (i.e. thousands of domain user accounts, computer accounts, security groups and policies) that reside in its Active Directory. Its really that simple.
A 1000 Cyber Security Companies!
Speaking of which, although there are supposedly over a 1000 cyber security companies in the world (, and incidentally at their very foundation too lies Microsoft Active Directory) not a single one of them has the ability, the expertise or even a single solution to help the world accurately determine "effective permissions" in Active Directory. Not a single one of them!
Well, except ONE.
PS: If you can find even ONE cyber security company in the world that can help the world do this, you let me know.
PS2: Microsoft, before you respond, please know this - I've conquered mountains, and I'm likely your best friend.
PS3: To help the world easily follow Active Directory Security School for Microsoft, here are each day's lessons -
- Day 0 – A Trillion Dollar Letter to Microsoft concerning Cyber Security Worldwide
- Day 1 – How Well Does Microsoft Understand Cyber Security?
- Day 2 – The Importance of Active Directory Security
- Day 3 – The Impact of an Active Directory Security Breach
- Day 4 – The Active Directory Attack Surface
- Day 5 – The Top-5 Security Risks to Active Directory Deployments
- Day 6 – A Trillion Dollar Active Directory Privilege Escalation Example
- Day 7 – Lack of Gravitas at Organizations + Risks of Amateur Tooling
- Day 8 – An Ocean of Access Privileges in Active Directory Deployments
- Day 9 – A Most Important Microsoft Video on Defending Active Directory
- Day 10 – Active Directory Effective Permissions – Paramount to Cyber Security
- Day 11 - A Trillion $ Question to Microsoft regarding “Identities” and Cyber Security
- Day 12 - How to Correctly Audit Who can Create User Accounts in Active Directory
- Day 13 - Microsoft, How Do Organizations Prevent this Denial-of-Service Attack on Active Directory?
- Day 14 - How to Audit Who can Delete an Organizational Unit in Active Directory
- Day 15 - A Trillion $ Question to Microsoft regarding Domain Security Groups
- Day 16 - How to Audit Who can Change Group Memberships in Active Directory
- Day 17 - Implications of An Unauthorized Change to a Service Connection Point in Active Directory
- Day 18 - How to Audit Who Can Change/Control/Delete a Service Connection Point in Active Directory
- Day 19 - Implications of an Unauthorized Change to Domain Computer Accounts in Active Directory
and How to Audit Who Can Make Changes to Domain Computer Accounts in Active Directory
- Day 20 - Microsoft, Have 1000s of Major Organizations Been Furnishing Inaccurate Evidence to Demonstrate Compliance of Access Rights in Active Directory?
Email is one of the most critical business tools and a major component of the lives of many people. At the same time, it seems to lack adequate security as the Clinton campaign email leaks and the publication of France’s Macron emails have shown. Email is at the same time insecure but used to share important and often sensitive information.
Dear President Trump,
Hello. As President of Paramount Defenses, I pen this letter most respectfully to you, the President of our United States.
Sir, almost all reasonable people would agree that a bellicose and now nuclear North Korea likely poses a threat not just to the United States but to the whole world, and that this threat must be dealt with. While there are several options, including military options, that you may be considering, I just wanted to say that you may want to give a peaceful resolution to this situation a reasonable chance (because wars are gruesomely destructive), and perhaps there may be still something that could be done.
Of course, North Korea must make no mistake about one fact - it must unequivocally understand that if it attacks the U.S. or its territories or allies, the U.S. will have no choice but to act to defend itself, and if it does, it will likely be the end of North Korea.
Speaking of Nuclear Weapons and North Korea
I likely speak on behalf of not just millions of American citizens, but billions of people worldwide when I say that this dangerous "sabre rattling" needs to please stop; we just cannot have a(ny) country threatening the world with the use of Nuclear Weapons.
We should also make NO mistake about this - This must please stop, and yet we must try and do all we can do to resolve this PEACEFULLY, because wars are gruesomely destructive. It is estimated that should this situation result in a war on the Korean peninsula, millions of people in numerous countries may lose their lives and/or be severely impacted.
If I might add, in today's civilized world, no one person in the world, whether it be the leader of any country (whether it be North Korea, Iran, China, Russia, USA, etc.) or entity should be able to endanger the lives of all 7,000,000,000+ people on Earth.
Speaking of peaceful efforts, allow me to voice one unsolicited suggestion, which involves a country that may likely have, over the years, whether unintentionally or otherwise, played^ a (not so small) role in helping North Korea get where it is today, and they now ought to do everything they can to help resolve this situation peacefully, and that one country is China.
[ ^ Watch this 6 min video - "China is North Korea's largest trading partner and has pushed hard for the livelihood exemptions" , "Sanctions will only be as effective as Beijing wants them to be" , "Regime survival is exactly what China actually wants to see"]
Where Does China Stand on This?
Sir, as of Aug 11, 17, you've certainly tried to have China resolve this problem. However, it does not seem to (yet) have worked.
As of this morning, according to the Global Times newspaper, which although is not an official mouthpiece of the Communist Party, does according to experts most likely reflect government policy, China is likely okay with an armed conflict in the region.
I quote from here -
"Beijing is not able to persuade Washington or Pyongyang to back down at this time. It needs to make clear its stance to all sides and make them understand that when their actions jeopardize China's interests, China will respond with a firm hand."
"China should also make clear that if North Korea launches missiles that threaten U.S. soil first and the U.S. retaliates, China will stay neutral. If the U.S. and South Korea carry out strikes and try to overthrow the North Korean regime and change the political pattern of the Korean peninsula, China will prevent them from doing so."
In other words, by not being against it, China is apparently tacitly okay with an armed conflict in the region. That's concerning.
Today, no country in the world should be okay with any such conflict, especially one involving countries with Nuclear Weapons.
China needs to realize that now is the time to respond to North Korea with a firm hand (; lest it might be too late & cost a 100x.)
China may need to unequivocally understand that this isn't just about a regional conflict or stability in one specific region of the world, but that this could result in the use of Nuclear Weapons and that could potentially dangerously impact the entire world.
The Suggestion - Having China Do More
In reality, as its largest trading partner, China does likely have a substantial amount of influence on North Korea, which is also why most sanctions imposed on North Korea by the U.N. thus far may have only been as effective as China wanted them to be.
Thus, perhaps, all countries in the world that desire peace, led by the U.S., should earnestly communicate to China that unless China does more to help, the world may have no choice left but to begin to look into potentially unfair Chinese trade practices and consider* (even if temporarily) substantially reducing their imports from China (i.e. the import of goods Made in China).
Perhaps, as a consequence, if China realizes that the world may seriously no longer be interested in importing its inexpensive goods, and that it may stand to lose up to a Trillion $ in trade each year, unless it "reins in" North Korea, perhaps it will do more.
(As such, China should be quite concerned about the possibility of any armed conflict in its region as it could impact its people. If concern for the safety of its billion+ people doesn't motivate China, perhaps the potential of a Trillion $ a year of loss, may.)
China may very well understand this today, so they need to flex some serious muscle to help resolve this dangerous situation.
[ A small digression...
An Unintended Impact
Incidentally, this could help kick-start your Made in USA initiative, and perhaps help reduce the trade imbalance with China, and although products for the U.S. consumer may no longer be dirt cheap, it could start bringing back American manufacturing jobs, thus helping your #MAGA slogan.
Speaking of #MAGA, while America is already a great country, its greatness may likely indeed have diminished a bit in light of globalization, and speaking of jobs, perhaps it may help to let the American people know that it is our own companies, i.e. the major companies whose products the American populace consumes, that whether driven by fierce competition and/or a desire to "maximize shareholder value", may have over the years substantially outsourced manufacturing, so and it may be up to the people to consider having (and if they decide, could have) these companies put country/security ahead of maximizing profits.
(It is difficult to walk into a Walmart or a Home Depot anywhere in the U.S. and find any products that are not "Made in China." Obviously, since you Sir, are (supposedly) a Billionaire, I do not expect you to have personally walked into a Walmart or a Home Depot, but in all likelihood a majority all hard-working people living in the U.S. may likely know what I'm talking about.)
Lastly, perhaps we, the American people may also need to realize that it may not likely be possible to simultaneously have both, "dirt-cheap (i.e. super inexpensive) products" and "American manufacturing jobs." Perhaps, if there is a strong desire to bring back manufacturing jobs to the U.S., it may require, even if for a bit, some adjustments as consumers - perhaps consume a little less, but buy quality products that are Made in USA as well as made in all such countries that adhere to fair trade practices.
Here, I should mention that it is also certainly possibly for (a more responsible and fairly competing) China to continue to be a major exporter of goods to the U.S., just as long as the Chinese too engage in manufacturing under fair trade practices, fair employment, regard for the environment, and for human rights, thus making the manufacturing playing-field level for all nations.
Alternatively, in lieu of having thousands of companies bring back manufacturing jobs to America, perhaps we could make solid results-driven investments towards helping our workforce acquire skills in those fields and industries that play a substantial role in contributing to America's exports, in effect helping millions of our people find suitable, respectable and gainful employment, as well as contributing to an increase in American exports, which too will have the effect of improving uneven trade deficits.
Speaking of Made in USA, perhaps the best way for you Sir, to demonstrate your commitment and seriousness of purpose to #MAGA, may likely be to lead by example and have all products made by the Trump Organization be made here in USA.
... end of digression.]
The World should stand united on one front - regarding threats involving use of Nuclear Weapons, there must be zero tolerance.
As for North Korea, it must make no mistake about one fact - it must unequivocally understand that if it attacks the U.S. or its territories or allies, the U.S. will have no choice but to act to defend itself, and if it does, it will likely be the end of North Korea.
The Chinese too must understand that any military conflict in their region, especially one potentially involving the use of even a single nuclear weapon, and its fallout, could endanger not just all the countries in the Korean Peninsula, but also likely threaten and perhaps possibly jeopardize the very existence of Earth, and the last I checked, a billion Chinese people too, live on Earth.
If a millennia of history haven't taught us about the horrors and savagery that military conflicts and wars entail, and if a millennia of progress hasn't made us all realize that we all need to peacefully co-exist, then while we may have made material progress, what have we truly learnt?
Instead of predominantly pursuing profits, world-domination and egos, we should (all) instead be first pursuing peace, love and harmony, improving life for everyone, and cherishing and saving our precious planet (because in the Universe, its all we have.)
PS: I write neither as a Republican nor a Democrat, merely as a caring citizen, and not just as a U.S. citizen, but as a peace-loving global citizen, i.e. just one of 7,000,000,000+ people that live in 150+ countries worldwide who believe in living in Peace.
You ought to ask yourselves if you're really doing everything you can to diffuse this incredibly reckless and dangerous situation; should this result in an armed conflict in your region, your great country and its people may very likely be substantially impacted.
This is not the time for any party to play "Chess." This is the time for all countries to help prevent a potentially nuclear conflict.
The ITAR (International Traffic in Arms Regulations) legislation details what measures businesses and individuals must take to comply with ITAR requirements and specifies severe penalties, both civil and criminal, for non-compliance. The reach of the regulations is broad and suppliers of all kinds may be subject to requirements to keep sensitive information secure and restricted.