About thommck

Trying to show people that computers are supposed to make things EASIER

Connect AWS to Azure for free Cloud Security Posture Management

I found a good excuse to get an AWS free trial! Microsoft have introduced a simplified agentless way to connect Amazon Web Services (AWS) and Google Cloud Platform (GCP) to Microsoft Defender for Cloud (the new name for Azure Security Center). This is good news for a lot of reasons but primarily because it gets closer to a Single Pane of Glass for monitoring your cloud security posture, at the excellent price of free*.

Connect AWS to Azure for free Cloud Security Posture Management
Continue reading

Fix emoji search in Windows 10

This is a quick post to explain how you can get search working from the emoji keyboard in Windows 10 or Windows 11. This should work by default but some organisations block the downloading of the optional features that would allow it.

Update 07/01/2022: I found the magic command line to fix it all! Jump to the bottom to see.

The emoji panel in Windows 10
Continue reading

Could you be a vegan for a month?

Are you up for a challenge? How about you give Veganuary a go this January? I thought it would be good to share a bit more about what Veganuary is, what’s in it for you and why I’ve taken part in it over the last few years. If your gut reaction is “I could never give up steak/cheese/bacon” then this post will hopefully give you some food for thought.

What is Veganuary?

The Veganuary challenge asks people to eat a purely plant-based (vegan) diet for the whole of January.  That means not just giving up meat (which would be a vegetarian diet) but all animal products and by-products like milk, cheese, eggs and honey. This diet has proven health benefits, including increased energy levels, lower cholesterol levels, lower blood pressure and it also helps to combat weight gain. It’s the most environmentally friendly diet too. It has been calculated that one person eating a vegan diet for a month will save 124,900 litres of water, 84 square metres of forest and 273kg of carbon dioxide emissions (better than giving up a car for a month).

Continue reading

Cloud PCs from Windows 365

How do you provide someone a secure well managed Desktop PC and apps without having to provide an expensive laptop or desktop tower that has a limited lifespan? Virtual Desktops are a common solution to this conundrum. A Virtual Desktop allows a person to use whatever device they want (like a home PC, smartphone, iPad etc) to access a remote desktop server running on centralised hardware in an organisation’s server room or datacentre. That is what is meant by a Virtual Desktop Infrastructure (VDI) solution. Although these solutions have been around for decades from companies like Citrix, Microsoft and VMware, they have required a lot of high-end hardware and specialist expertise to make them work well. Due to that requirement, they often have not been able to meet the promise of being a more cost-effective solution than just giving everyone a laptop.

With the COVID-19 pandemic we have seen an acceleration of the shift to remote and hybrid working that was already well on its way beforehand. Other scenarios like organisations expanding through mergers, or starting partnerships with other companies, or having temporary/seasonal staff, can add further challenges to onboarding and provisioning IT services, business continuity, and security and compliance.

VDI is a great solution to those challenges but many organisations don’t have the capacity to deal with that demand. Cloud service providers like Microsoft and Amazon have helped to address that issue with Amazon Workspaces and Azure Virtual Desktop (previously known as Windows Virtual Desktop). By using these Cloud options you no longer have to worry about pre-purchasing a large amount of hardware and calculating complex capacity requirements – you can set up the networking, Virtual Desktops, applications etc all in the Cloud and scale it up and down as demand changes. However, you still need that specialist expertise to get it right in the first place.

Microsoft wanted to make providing Virtual Desktops just as easy as providing someone an email mailbox. Microsoft 365 makes it super simple to configure email services through Exchange Online, meaning organisations no longer need a team of Exchange Server administrators to run its own unique instance, could the same be done for VDI?

Continue reading

First look at Windows 11 beta and why businesses should take a look

Windows 11 has been available for people to test for a few weeks now through the Windows Insider Program on the Dev channel. With the announcement of the new Beta channel I thought it was high time I got my hands on it and started to poke around.

Become a Windows Insider

If you’re not familiar with Windows Insider, this is how Microsoft allows early access to preview builds of Windows so that hobbyists and businesses can prepare for changes and provide feedback. There are 3 “channels” that decide how frequently you get a new version of the OS, with the Dev and Beta channel both now providing Windows 11. Joining the programme is a straightforward process if you use a consumer Microsoft Account or a work account (via Azure AD) – all the details on how are on Microsoft Docs. I always recommend businesses have at least some devices registered on the Insider channel so that they can assess what’s coming up before you move on to more formal business pilots. New PCs will start to come with Windows 11 at the end of the year (in time for Christmas), with the in place Windows 10 upgrades beginning to roll out late in 2021 and continue into 2022. So with the upgrade imminent, businesses should start to expect some of their employees are likely to start using the new OS before the organisation rolls it out – this is all the more reason to have teams within IT looking at Windows 11 and preparing for it – just as they would for any of the Windows 10 semi-annual release updates that we have all gotten used to.

Insider channel settings in Windows 11

Installing Windows 11

As I didn’t want to affect my work device, I have done my testing using my personal Microsoft account. My test device is my old Surface Pro 3. It looked to me like it met the minimum spec (see stats below) but when I clicked to receive the Beta channel releases in Settings I did get a warning saying it didn’t. That’s OK for now as Microsoft are allowing devices that don’t meet the spec to test anyway.

Device name Thom-Surface-Win11
Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz 2.50 GHz
Installed RAM: 4.00 GB
System type: 64-bit operating system, x64-based processor
Pen and touch: Pen and touch support with 10 touch points
TPM Specification: Version 2.0
System Firmware: UEFI with Secure Boot
Warning message that appeared on my Surface Pro 3

I was starting from a clean install of Windows 10 1903 (as that’s what I has lying around on a USB boot disk). That meant I had to first run Windows Update to get to 21H1, then run Windows Update 3 more times before Windows 11 was offered. Usually Microsoft releases ISO files for Windows Insiders or you can download if you have a Visual Studio (aka MSDN/TechNet) subscription but there aren’t any Windows 11 ones on offer yet, so an in place upgrade was the easiest method for now. The upgrade was quick and painless, just like recent Windows 10 Feature Updates. I didn’t see the out-of-box-experience (OOBE) like you’d get with a fresh install but I did get a nice new Welcome screen after my first sign in that took me through a few choices (privacy settings etc.) I got a few buggy error messages at first so I did another run of Windows Update, restarted, and all seemed to be running smoothly.

What’s new for businesses

I’ll start out by saying very little information has been released about any new features for the Pro, Enterprise and Education editions of Windows. Take that as some comfort that the management tools and methods you use today will remain valid with Windows 11.

Much like the Windows 7 to 8, or 8 to 10 upgrades, a lot of the differences are visual. This can be quite disruptive to people if they are not aware of all of the user interface changes. It’s not quite as dramatic as the full screen Start menu in Windows 8 but the taskbar and Start menu have both been updated giving a more central position and style more familiar with the simplified UI of a smartphone.

Start Menu and WinVer
The new Windows 11 desktop, taskbar and Start menu

Some IT admins may have a gut reaction to try and make Windows 11 look revert to a Windows 10 look and feel with various policy settings or pushing out registry hacks but I would encourage you to resist the urge. I always like to adopt the new UI paradigms and bring all the end-users along with them. People are used to changing styles and will want work to mirror how they use personal devices, so unnecessary customisation can sometimes actually cause the opposite affect to usability.

Other features, like the Widgets pane, new Snap Layouts, new look Notification/Action Center, and new look Settings should all feature in your end-user comms to help users understand any new ways of doing common tasks.

Microsoft Teams is front and centre in Windows 11, although the full story on how deep the integration will be is yet to be seen. The version you get is the consumer one, that users personal accounts. So effectively it is replacing the consumer Skype features found in Windows 10. However, we do know that Microsoft is working on a more optimised version of the business version of Teams and it should also be able to take advantage of Windows 11 enhancements, like sharing a window straight from the taskbar, or the new global “Mute Mic” button. The pictures below were provided by Microsoft:

The Microsoft Store has been given an overhaul to adopt the new look and feel. The most dramatic update though is that as well as PWAs, UWP, and Win32 apps, you will now be able to install popular Android apps directly in Windows. Under the hood this makes use of the Windows Subsystem for Linux (WSL2), Hyper-V. While not currently available in the Insider beta we hope to be able to test it soon. On the one hand it could help improve end-user productivity by giving them access on a desktop environment but some considerations will need to be made for how enterprise can prevent confidential or sensitive information leaking. I have no doubt it will follow a similar approach to how Intune manages Mobile Application Management on smartphones today but it will be interesting to see if businesses take advantage of this.

The refreshed Microsoft Store app in Windows 11

What’s being removed

It’s not all new things, some features and apps in Windows 10 are being removed. Looking through the full list of deprecated features I can’t see many major ones that I think could cause issues to businesses except the following:

  • Custom Start Menu tiles and groups: As Windows 11 no longer has the Live Tile interface, organisations that were deploying custom app shortcuts via this method will need to have a new approach. Microsoft haven’t revealed what this will be yet but I’d suggest investigating PowerShell scripts to create new shortcuts or, if primarily using Cloud-based apps, investigate the new features of the Microsoft 365 My Apps portal.
  • Internet Explorer disabled: This is slightly hidden in Windows 10 but end-users can still find it. No more in Windows 11, which will use the new Edge (Chromium) browser. If you use websites that require IE11 compatibility then check out the IE Mode feature in Edge
  • Built-in apps: OneNote for Windows 10, Skype and Paint 3D won’t be installed by default on fresh Windows 11 builds (but will stay if doing an upgrade). If these are frequently used by users you will need to add them in to your app deployment process.

Planning for the update

Microsoft confirmed that Windows 10 will remain in support until 14th October 2025 which implies there will be more updates coming (as Windows 10 21H1 end of life is December 2022). There is more info on the blog post Windows 11 lifecycle and servicing. With that in mind, it makes sense to start thinking about your upgrade plan. Here’s 8 questions you can use as a starting point:

  1. Will we need to buy new hardware?
  2. Can we move to a modern management approach using Microsoft Endpoint Manager (Intune and Autopilot) rather than have people come to the office for the upgrade?
  3. How quickly should we deploy the update?
  4. What comms and user adoption approach will we take?
  5. Who is suitable to be an early adopter/pilot user?
  6. Can you remove legacy technologies like VPN and move to a zero trust security approach?
  7. Will you allow Android Apps to be installed through the new Store?
  8. Are we affected by any of the deprecated features?

Windows 11 is based on the same foundation as Windows 10 so it will support the same management tools and approach that you used to deploy Windows today. Think about what lessons you learned from your Windows 10 deployment and how you can make the Windows 11 rollout even better.

Stay in the loop

Microsoft recommend signing up to its Windows 11 newsletter to make sure you receive further information around release dates or any other major news but I’d also recommend keeping your eye on the following official sources:


I’ve enjoyed using Windows 11, and after a few days using it I hardly notice the difference. I’m still not quite used to the moving location of the taskbar icons but we’ll see how that changes before the final version is released. I’d encourage everyone who is using the Windows 11 beta to use the Feedback Hub app to report any issues or things you don’t like (I’ve already submitted 2 and voted for others) as this is the key time for Microsoft to hear what works and what doesn’t.

Until further information comes out on business and enterprise features of Windows 10 then the focus should be on your strategy and planning phases, with some early testing of Insider builds. Reach out to a Microsoft partner like risual if you want to understand more what a modern hybrid workplace strategy could look like.

I’d love to hear what your thoughts are on Windows 11 (👍👎) or how you are preparing for it in your company. Let me know in the comments!

The big themes from Microsoft Ignite, March 2021: Part 3, Security for all

This is part 3 of a series of articles on the key themes from Microsoft Ignite, March 2021:

This keynote kicked off with Microsoft’s Corporate Vice President of Microsoft Security, Compliance and Identity, Vasu Jakkal.

Session Link

Microsoft want to make our digital world safe for everyone by providing security that reflects, empowers and includes everyone. When Microsoft says security for all it really means all:

  • All organisations, big and small
  • All your data
  • All clouds (Azure, AWS, GCP etc)
  • All your people (wherever they are)
  • All your devices and platforms
  • All the risks you face
  • All the opportunities ahead
Vasu describes Microsoft’s combined approach to Security, Compliance, Identity & Management

As always, there is an evolving threat landscape. Microsoft gather over 8 trillion security signals a day and have seen an increase in cybercrime, ransomware and nation state attacks. These have been led by attacks emanating from Russia, but also Iran, North Korea and China. Microsoft produced a Digital Defence Report in September 2020 that describes the current threat intelligence landscape and provides guidance and insights from experts, practitioners, and defenders at Microsoft.

Solorigate was an incredibly sophisticated nation state attack that targeted the SolarWinds Orion software. FireEye found it and asked Microsoft to help investigate. Using the 8 trillion signals they could find the traces/footprints and then could highlight it to customers. Microsoft don’t just sell security software or respond to threats, it is working to reduce digital crimes, disrupt botnets and nation state actors. You can read more about Microsoft’s analysis of Solorigate/NOBELIUM on its security blog.

Continue reading

The big themes from Microsoft Ignite, March 2021: Part 2, The Hybrid Workplace

In part 1 of this recap we looked into the keynote from Microsoft’s Satya Nadella and Alex Kipman. Part 2 of my Microsoft Ignite blog series will have a look at another keynote session all about how workplaces have been impacted by the global COVID-19 pandemic and how Microsoft are supporting organisations to work in the new normal.

The Hybrid workplace

Session Link

This fun 15 minute keynote from Microsoft Corporate Vice President, Jared Spataro, was packed with news around flexible approaches to work. Microsoft believe that there will be no going back to a pre-pandemic reality of an office permanently full of employees. Physical meetings are important but they won’t be the same as before.

of managers expect more 
flexible work from home 
policies post-pandemic 
more than 
Of employees expect 
to adopt these flexible 
work from home policies 
Jared presents statistics from the WorkLab research

The Microsoft WorkLab is a site dedicated to understanding the trends of working during the pandemic & the need to change the employee experience. There’s lot to explore on that site, and info on how Microsoft will bring that to life in organisations with its Employee Experience Platform (EXP) Microsoft Viva. Microsoft have seen a large rise in video meetings, longer workdays, a break-up of the traditional 9-5 work pattern and an increase in chat. With over 115 million daily active users, Microsoft Teams has been the centre of a lot of that activity. Here are the new features and improvements Teams will be getting soon:

Continue reading

The big themes from Microsoft Ignite, March 2021: Part 1, Microsoft Mesh

It seems like only yesterday I was blogging and live tweeting about the annual Microsoft Ignite conference, when it was actually September last year! The global pandemic has meant for some changes to how Microsoft showcase all their big announcements and instead of the usual Ignite: The Tour sessions we get in the following Spring (in the northern hemisphere) we were treated to another global 3-day virtual event. In this post, I will take you through the big announcements and updates as well as take a bit of a deeper look at the overall themes from Microsoft and what they tell us.

Solution areas 
Data & Al 
Judson Althoff, executive vice president of Microsoft’s Worldwide Commercial Business describes Microsoft’s core solution areas

If you want to take a look for yourself, the good news is that all of the content is available on-demand from myignite.microsoft.com. There are well over 200 sessions, from the keynotes or general “what’s new” sessions, to deep-dives and proper technical training available. A little tip for finding the sessions you want: Once you’ve signed in to MyIgnite go to the session scheduler, use the filters to find the area you are interested in, then sort A-Z (by default they are sorted chronologically which makes it confusing to pick out the duplicate sessions!).

You may also want to check out the Book of News. This is a fairly concise online report that shows calls out all the newsworthy announcements. Each announcement has a small description, then links off to a more in-depth Tech Community blog or Microsoft Docs page. It took me about 90 mins to read through it all, including a bit of jumping out to find out more on the topics I was really interested in.

Continue reading

Quick Tip: Make the most of the Microsoft Teams app bar

Microsoft Teams is fast becoming the hub for people’s productivity at work. I wanted to highlight a small feature that can make a big difference to the usability of Teams and help people find what they need, fast.

Microsoft Teams uses an “App Bar” on the left hand side of the UI to let you switch between the different apps available. You are probably familiar with the Activity, Chat, Teams, Calls and Calendar apps as they are pinned by default to the app bar but did you know you can move these around, unpin them or pin new ones?

screenshot of Microsoft Teams on the apps page
The app bar on the left with the default pinned apps, and there is even an app for more apps!
Continue reading

🧨 Ignite The Tour: London Highlights – Data and Containers in Azure

Many of us don’t get the opportunity to travel to the States for Microsoft’s biggest public convention: Ignite. Fortunately, over the last few years Microsoft have been taking the show on the road visiting countries all of the globe for a 2-day highlight tour. It also has the benefit of being a good few months after all the initial announcements so there is a bit more depth and understanding on all of the topics up for discussion. There’s content for IT Pros, engineers, admins and developers and did I mention it’s free to attend!? I headed to London with some of my risual colleagues to #LearnItAll (or at least as much as we could cram in!). At these kind of events I like to have a good mix of different sessions. This time, I focussed on finding out what’s new in IT Operations (rather than DevOps), Containers and Data, as well as the latest announcements on new Azure and Office 365 technologies like Azure Arc and Project Cortex. Originally I was planning to live blog this, and then I decided on a summary blog but it turned out there was so much content this article was left in draft and I forgot about it! So I’m publishing it with the Data and Container sessions now and hope to write up the rest in the future!

Continue reading