As I filtered through the 1700+ sessions leading up to Microsoft Ignite, I quickly knew that unless I was able to clone myself I would have some catching up to do. Rather than try to sort through all of the sessions again later, I made a playlist of sessions that I’d like to go back and watch.
The playlist is a compilation of 70+ videos and 24+ hours of content, mostly in the Azure and Office 365 arena since that is where a lot of my focus is these days. Is there a session that shouldn’t be missed? Feel free to let me know what should be added!
Along with an Office 365 subscription, you get Microsoft’s mail filtering solution Exchange Online Protection (EOP). You can also subscribe to EOP if you are running on on-premises mail solution.
One nice feature of EOP is that it can be configured to detect and block outbound spam. IF When a user account gets compromised (or maybe you have legitimate spammers) Microsoft can block the ability for the account to send any more outbound mail until you have addressed the account and unblocked it. This is great until you have an outbreak of compromised accounts, likely due to phishing victims, and need to remove multiple blocked addresses. So how can we do this?
Update: Intel has reported that customers with certain CPUs are experiencing random reboots after applying firmware updates to patch this vulnerability. I can’t say this enough but TEST before rolling these out!
By now, you have likely heard about recently disclosed vulnerabilities called Spectre and Meltdown. If not, TechCrunch has a detailed article about them that will get you up to speed. The vulnerability affects most modern operating systems and processors. It also affects other systems such as iOS, MacOS, Android, Chrome, etc.
I have found that many IT people I talk with do not understand what needs to happen to address these vulnerabilities. I think this is (at least partly) because unlike many previous vulnerabilities, simply installing a Windows update does not fix the problem. The fix also requires registry keys to be set and firmware updates released by the hardware manufacturers to be applied.
After reviewing what needs to happen to protect enterprise systems, I have pulled together some information so you can protect yourself as well. While this is not an all-encompassing guide, it should point you to many of the resources needed to address the vulnerabilities. Rather than this blog post being extremely long and repetitive, you will find many linked items below to already created documentation that will be helpful in patching your systems. Continue reading →
The first day of Microsoft Ignite brought a staggering amount of announcements, most of which I have yet to read about in detail. With the number of product groups represented at the conference, I am sure there are still some that I haven’t heard about. In all of the sessions I attended today, I saw Microsoft’s mission throughout. It is clear that they are really focused on ensuring users have the tools they need to be productive.
Microsoft Mission: Empower every person and every organization on the planet to achieve more.
With the role based administration controls (RBAC) in SCCM 2012 and above, a common way to grant access to reporting is using the built-in security role Read-Only Analyst. This role grants access to view Configuration Manager objects, but also to run reports. However, it does not grant permission to create subscriptions to these reports. Subscription permissions are tied to other built-in roles. For example, adding the Operating System Deployment Manager security role to a user would add the ability to create subscriptions to reports about OSD. The only built-in role that grants permission to schedule Power Management reports, though is the Operations Administrator role. Using custom permissions, we can grant the ability to create a subscription for all reports including Power Management. These custom permissions will still honor any Security Scopes and Collections that are assigned to the Administrative User. Continue reading →