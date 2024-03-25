philb2 said: Are you at liberty to post info about your security spend? I assume that you are working for a corporate. Click to expand...

The specifics get a bit tricky because they don't charge us per head, we get charged per FTE, so we might have some 80 staff but it currently only counts as 58 FTE as the part-time employees are lumped up into a bulk seating agreement, so 3, 0.6 FTE employees would consume 2 FTE allotments.But there are the O365 A5 license packs, soon-to-be Sentinal One (accounting is working on those details now), Palo Alto support contracts, and feature agreements for VPNs, traffic shaping, wildfire protection, etc. HPE Aruba for their GreenLake and ClearPass platforms, Azure for a segregated offsite failover, Veeam for incremental backups, which go to the secure AWS storage (that is kept blind from the domain, and gets contracted out for pen testing), and VMWare / Nvidia licenses for the secured virtual workstations. I have been informed that sometime next year I will be expected to be deploying some form of internal active network monitoring that will be looking for unusual behavior on the network to prevent any situations should a non-managed and unauthorized device still get connected to the network and start doing bad things or just snoop around in general.Sadly I don't have the specifics on the final costs because of how it gets spread out over multi-year agreements but it isn't insubstantial.And I don't consider Azure, AWS, or Veeam as disaster recovery items because we have redundant server clusters in separate synchronized locations, each contains its own local backups. So they can fail over and recover from each other so we would need to loose two separate sites in some form of accident for there to be any down time resulting from hardware failure. So those 3 services are intended to recover from or remain operational in the event of a Crypto attack or other such event that would render the local sites offline or unusable.