Many of us don’t get the opportunity to travel to the States for Microsoft’s biggest public convention: Ignite. Fortunately, over the last few years Microsoft have been taking the show on the road, visiting countries all over the globe for a 2-day highlight tour. It also has the benefit of being a good few months after all the initial announcements so there is a bit more depth and understanding on all of the topics up for discussion. There’s content for IT Pros, engineers, admins and developers and did I mention it’s free to attend!? I headed to London with some of my risual colleagues to #LearnItAll (or at least as much as we could cram in!). At these kinds of events I like to have a good mix of different sessions. This time, I focussed on finding out what’s new in IT Operations (rather than DevOps), Containers and Data, as well as the latest announcements on new Azure and Office 365 technologies like Azure Arc and Project Cortex. Originally I was planning to live blog this, and then I decided on a summary blog, but it turned out there was so much content this article was left in draft and I forgot about it! So I’m publishing it with the Data and Container sessions now and hope to write up the rest in the future!
My current job as an “Enterprise Architect” has my place of work officially listed as my home, although I’m regularly out visiting clients. I share that home with my wife, 3 sons and a cat (the cat is the only one with me in the daytime). As a relative newcomer to the home-working scene, I thought it would be interesting to share my experience over the last year in how I’ve adjusted to this new way of working. I was inspired by one of Scott Hanselman’s tweets around going for a morning commute even if you work from home:
Now, I’m sure most home-workers will tell you one of the best perks of being based at home is avoiding the traffic-filled commute but something about Scott’s tweet definitely rings true. It made me think of what I’ve done to motivate me to get out of bed in the morning when I could just as easily roll out at 8:55. How do you get into good habits rather than develop bad habits? So here are my personal 6 rituals of working from home.
My colleagues and I were updating a Word document and we noticed that if the document was opened in Word Online (as it is stored in SharePoint Online) then a mystery image appeared in the top-right corner. As it only appeared like this in Office 365 we weren’t too concerned as this document is primarily for sharing as a PDF. However, it started to bug me and, as I recently qualified as the top-ranking Microsoft Office Word Expert Specialist in our company, I thought I had a rep to protect 😉.
Future Decoded is Microsoft’s annual 2-day conference aimed at business strategy leaders and IT Pros. It’s been held in the UK every autumn since 2014 at ExCeL London. I had the pleasure of returning for the 5th time this year. What I love about this conference is the way it looks ahead at the big themes in technology and how they can be used to help organisations achieve more. Usually there is a business-focussed day and a technical-focussed day, however, this year it was primarily targeted at business leaders and decision-makers. I think that is down to Microsoft establishing their “Ignite: The Tour” event, which brings the more technical content to the UK each Spring.
Here’s my wrap up of my visit on Day 2
This is the news you’ve all been waiting for, I’m getting back into blogging!
A lot has happened since my last post, to me, technology and the IT Pro community. I’ve been really impressed by some of the work my peers have been doing publishing articles, producing YouTube videos and recording some great podcasts, so I feel it’s about time I jumped back in the water.
My blog posts will continue to be varied but will mostly focus on my interests in cloud computing and especially the Microsoft stack. I’ll be avoiding “paid for” articles like a few of my previous ones to keep a better sense of integrity and provide better value to those of you who may stumble across my ramblings.
The point of this article is to give me a kick to actually put some content on here, so hopefully that’s done the trick and you’ll see more regular posts (if I don’t get too distracted with updating my “about” pages and tinkering with the theme/layout!).
Full disclosure: this is a paid vendor article
Many organisations see external breaches as the biggest threat to their data security and spend millions building walls to guard themselves against hackers. It may come as a surprise to many that insider security threats – both intentional and accidental insider abuse and misuse – were seen to be by far the biggest cause of data leakage in 2015. With this in mind, it is imperative that you take steps to ensure you understand what your employees are doing with sensitive data.
The repercussions of insider threats can be enormous and can often go unnoticed. An insider may already have keys to the door so won’t trigger any security measures and they may already know where sensitive data is stored. Many cases of insider data breaches have been accidental, but the outcome is still the same – potentially large chunks of company profits spent on damages.
How to identify insider threats
In general, there are three types of insider that could be a threat to your organisation:
Malicious insiders could be a current or former employee, a contractor or any other business partner who is authorised to access your organisation’s data. The motives for their attacks could range from revenge against a company they feel has mistreated them to simply personal profit. Theoretically everyone with access to your data could potentially exploit it for personal gain.
People who make mistakes unintentionally
A large proportion of data leakages occur due to honest mistakes on the part of insiders. They may have been caught in phishing scams, given their password out when they shouldn’t or left their account logged on across multiple machines. These threats are easier to detect and preventable by taking the right measures.
Outsiders posing as insiders
These are external attacks using an authorised user account with real credentials. External hackers can gain access through inactive accounts or by guessing passwords. Whichever way they gain access, they use genuine account details so do not show up as external threats.
Regardless of whether an insider leaks data intentionally or accidentally, you still need to make sure you are taking preventative measures to mitigate the risk. Dealing with insider threats is an ongoing, pro-active process that requires time and dedication.
How you can mitigate the risks of insider abuse
Know where your sensitive data is
It’s very important to know which areas of your IT infrastructure are the most likely to be of value to potential insider threats. It is also important to understand who has access to this data and how regularly it is accessed. Knowing these things will enable you to better detect when something out of the ordinary occurs in files and folders with sensitive data.
Evaluate your security strategy
Security breaches should be treated in the same way as a fire – there should be regular evaluations of safety regulations and ideally testing should take place to assess your current reaction to breaches. This kind of testing should enable you to spot anything you have overlooked or any loophole that currently exists.
There are some basic security practices you can put in place that will help firm up security, including patch-management procedures, IDPS configuration, passwords and authentication policies, firewalls and log review procedures.
Be sure to also look at how up to date your current security measures are. Threats evolve very quickly, and new versions of critical IT systems are released fairly regularly, so it’s important that you stay up to date.
A regular and pro-active approach to auditing and monitoring critical IT systems needs to be established. This will enable you to track activity in files and folders to ensure only the right people are accessing the right data. Being constantly aware of this will help you mitigate the damage should a data breach occur.
Maintain a least privilege policy
Employees often move departments, get promoted or are tasked with something that requires extra levels of permission. In all these cases new permissions may need to be granted and old permissions may need to be revoked. Maintaining a least privilege policy by monitoring these changes can ensure that only the right people have the right levels of access to the right data. Accounts with inappropriate levels of access are more likely to be damaging to your organisation.
Make insider threats a priority
Often the main issue is that certain people within the organisation won’t admit there’s a problem. Unfortunately, with insider threats, it’s only a matter of time before you experience the problem for yourself. Keep insider threats at the forefront of your mind when developing new security plans, assigning new permissions or managing employees.
Monitor your users
If you are able to make use of behavioural analytics tools, like User Behavioural Analytics or Network Analytics, then make sure you take advantage of them. These tools will highlight any behaviour deemed abnormal after establishing a base-line for what normal is. They can also simplify the process of identifying users with high-risk identity profiles.
Insider threats should be the number one cause for concern for any organization when it comes to protecting their sensitive data. Organisations that store personal information about their employees, clients, partners or customers have a duty to protect that information. A simple way of ensuring that you are able to pro-actively audit and monitor your critical IT systems is to deploy an automated solution like LepideAuditor Suite. This solution can clearly show who accesses what information as well as when and from where it was accessed. It actively audits, monitors and alerts on changes made to critical IT systems, tracks current permissions and permission changes and monitors all aspects of file/folder activity – all from a centralised console. Be sure to consider using an automated solution, like LepideAuditor Suite, when you address insider security threats in your organization.
Disclosure: I was sent this pair of trainers free of charge in exchange for a review of them
I’ve wanted to pick up running again after a bit of a lull since Summer 2014. I’ve got a bit fed up with long distance running and thought it would be a good idea to focus on improving my running times for 10k and below. This meant I was very pleased when I received a new pair of Airia Ones to review.
The big deal about these Swedish shoes is that they have been designed with the goal of making you able to run faster. In fact, they give you a 30 day guarantee so you can test it out for yourself risk-free. I was immediately sceptical; it sounds like a big promise to say a shoe can make you run faster. However, as soon as you open up the box (which felt a bit like unboxing an iPhone for the first time) you can see that these trainers are different to your usual Nike or Adidas running shoes. They are so light when you pick them up it reminded me of the polystyrene blocks you get in packaging. The patented outersole (manufactured by Vibram) gives it the unique shape and is firm but flexible. The rest of the upper is made out of an airy mesh and when you put it on it hardly feels like you are wearing anything.
I recently got my annual report for this blog and it revealed some really interesting stats from 2014
I had over 300000 visitors and my most popular article was about a change Microsoft made to managing Internet Explorer settings but forgot to update their manual!
The busiest day of the year was November 5th with 1,650 views. The most popular post that day was The new way to configure Internet Explorer proxy settings with Group Policy.
Now I’m working for Whitbread, in their IT Lifecycle and Delivery team, I’m getting a whole new set of challenges. My blog will probably drift from operational/sysadmin articles to ones on my general musings on where IT is headed. I guess I’ll have to wait and see what inspires me!
Happy 2015 everyone!
“Customizing screensavers?” I hear you cry, “That’s a bit retro isn’t it?”
Nowadays screensavers have more or less disappeared. It makes much more sense to just turn off the screen after 10 minutes of inactivity. However, there are some instances where a screensaver can be useful, for example, an always-on kiosk or even digital signage.
One of the more useful standard screensavers in the Windows operating system is called “3D Text”. Useful because by default it will display the time but can be customized to display some text instead
Here’s a quick and simple guide on how to update a file based on its “last modified” date (but it can also be tweaked to use any file attribute). It uses the Item-Level Targeting feature of Group Policy Preferences. The problem is, the Targeting Editor only has a “File Match” option that can check whether a file exists or is of a certain version. Luckily, we can implement a custom WMI query to check any of the file’s attributes using the CIM_DataFile class.