Podcasts about Group Policy

Mistral launched CodeStrollMamba and MathStroll, outperforming open-source models. OpenAI released GPT-4.0 Mini, a cost-efficient AI model, while Microsoft introduced Spreadsheet LLM for spreadsheet analysis. AWS unveiled AWS AppStudio for creating enterprise applications effortlessly.Microsoft's checkpoint cumulative updates for Windows 11 aim to deliver smaller, faster updates through periodic cumulative updates and incremental binary differentials. The change is expected to reduce the size of monthly updates significantly. The episode also discussed a bug resolution impacting Windows Update automation scripts on Windows 11 systems. Admins can expedite the fix process through Known Issue Rollback and Group Policy setup.The episode delved into the concept of managed service as software, emphasizing AI-powered services with high margins. It explored the evolution of managed services providers (MSPs) and the need for continual innovation to meet customer expectations. The discussion extended to the challenges of governing AI in government projects, highlighting the limitations faced by state governments in controlling generative artificial intelligence.In closing, the episode encouraged learning from failed IT projects, aligning with business strategy, and fostering a culture of continuous improvement. It also touched on the transformation of MSPs over the years and the importance of talent acquisition, automation, and regulatory compliance. Three things to know today 00:00 AI Landscape Update: Mistral, OpenAI, Microsoft, and AWS Drive Innovation with Specialized Models03:51 Microsoft Introduces 'Checkpoint Cumulative Updates' for Faster, Smaller Windows 11 Updates05:29 Managed-Service-as-Software: Leveraging AI for Scalable, High-Margin Service Delivery  Supported by:  https://www.coreview.com/msphttp://skykick.com/mspradio/   All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

In today's episode, we look into the recent compromise of celebrity TikTok accounts through a zero-click attack and discuss the exploited vulnerabilities. We then explore the potential security pitfalls of Microsoft's Windows Recall feature, highlighting totalrecall.py by ethical hacker Alexander Hagenah. Finally, we examine the ransomware attacks executed by the Russian-speaking Qilin group on NHS medical services in London. For more details, check out these sources: https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html https://github.com/xaitax/TotalRecall https://www.group-ib.com/blog/qilin-ransomware/ https://www.google.com/search?q=why+should+people+delete+tiktok&oq=why+should+people+delete+tiktok Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ 00:00 Introduction 01:18 TikTok's Troubling History of Security Flaws 04:58 Exploring Microsoft's Controversial Recall Feature 07:46 Quillin Ransomware: A Deep Dive Tags: Zero-click attack, TikTok, hackers, vulnerability, ethical hacker, TotalRecall, Windows Recall, vulnerabilities, Qilin, ransomware, defend, security measures, sensitive data, critical sectors, Russian-speaking gang, NHS hospitals, cybersecurity, celebrity accounts, platform security Search Phrases: How TikTok handles zero-click attacks Vulnerabilities in TikTok security Protecting TikTok accounts from hackers Ethical hacking and TotalRecall demonstration Securing data against Windows Recall threats Defending against Qilin ransomware Russian ransomware gang Qilin explained Health sector ransomware attacks prevention Cybersecurity tips for TikTok users Windows Recall vulnerabilities and precautions https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html ---`Flash Briefing: Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs Zero-Click Attack on TikTok: Threat actors have exploited a zero-click vulnerability in TikTok, allowing them to take over high-profile accounts via direct messages without user interaction. (Source: Semafor, Forbes) Actionable Insight: Stay vigilant even if you don't interact with suspicious messages. Update your app regularly to ensure you have the latest security patches. Scope of the Compromise: TikTok has not disclosed the exact number of affected users but claims that only a "very small" number of accounts were compromised. Engagement: Ask listeners, “Have you noticed any unusual activity on your social media accounts lately? Share your experiences with us.” Response and Mitigation: TikTok has implemented preventive measures to stop the attack and is working directly with impacted users to restore account access. Actionable Insight: If you suspect your account has been compromised, contact TikTok support immediately and follow their guidance for recovery. Historical Context of TikTok Security Issues: January 2021: Check Point identified a flaw allowing attackers to build a user database with associated phone numbers. (Source: Check Point) September 2022: Microsoft found a one-click exploit in TikTok's Android app that could take over accounts via a crafted link. (Source: Microsoft) Turkey Compromise: 700,000 accounts were compromised via intercepted SMS messages. (Source: Report) Invisible Challenge: Attackers used a viral challenge to spread information-stealing malware. Global Concerns and Actions: China Ties: Concerns about TikTok's Chinese ownership have led to proposed and enacted bans in several countries, including the U.S., U.K., Canada, and Australia on government devices. Legal Actions: TikTok has filed a lawsuit in the U.S. challenging a proposed ban,` TotalRecall shows how easily data collected by Windows Recall can be stolen https://github.com/xaitax/TotalRecall ---`- TotalRecall Tool: Ethical hacker Alexander Hagenah developed the TotalRecall tool to highlight security vulnerabilities in Windows' newly announced Recall feature. This tool can easily extract and expose sensitive data collected by Recall. Actionable Insight: Be vigilant when using new features and tools that collect data, as they may have hidden security risks. Recall Feature Overview: Microsoft announced the Recall feature on May 20, 2024, as part of the Copilot+ line of Windows 11-powered PCs. Recall takes screen snapshots every few seconds, uses OCR to extract information, and stores this data in an unencrypted SQLite database. Actionable Insight: Encrypt sensitive data locally and regularly audit new features for potential security risks. Security Pitfalls: Security researcher Kevin Beaumont demonstrated that exfiltration of Recall databases can be automated, making it easy for malware and hackers to access the data. He criticized Microsoft for enabling Recall by default and allowing it to be reactivated without user knowledge. Actionable Insight: Immediately disable features that pose security risks and monitor for unauthorized reactivation. TotalRecall Functionality: The tool copies Recall databases, extracts information like passwords and search terms, and summarizes this data. Hagenah does not plan to update the tool further, leaving its functionality as a proof of concept. Actionable Insight: Regularly review and understand the tools being used within your system to prevent potential data breaches. Microsoft's Response: Although Microsoft has emphasized security, their implementation of Recall falls short. The feature stores data locally in an unencrypted format, making it accessible to malware and unauthorized users. Actionable Insight: Push for vendors to improve security measures and hold them accountable for defaults that put user data at risk. Upcoming Release: Recall is` ---`scheduled for release on June 18, 2024. Security professionals hope Microsoft addresses the highlighted issues before the launch. Actionable Insight: Stay updated on new releases and security patches to ensure vulnerabilities are addressed before widespread adoption. Disabling Recall: Recall is enabled by default on Copilot+ devices, but users can disable it during initial setup or via Group Policy in enterprise environments. Actionable Insight: Ensure that all team members are aware of how to disable potentially risky features and implement these changes as part of security best practices. Engagement Suggestion: "Have you ever encountered a new feature that seemed more risky than beneficial? Share your experiences with us and let's discuss how to navigate these challenges together!"` Who are Qilin, the cybercriminals thought behind the London hospitals hack? https://www.group-ib.com/blog/qilin-ransomware/ ---`Flash Briefing: Qilin Ransomware Group NHS Attack: Cybercriminal group Qilin, a Russian-speaking ransomware gang, attacked NHS medical services provider Synnovis, disrupting hospital trusts and GPs across London. If based in Russia, British law enforcement faces challenges due to Russia's non-extradition policy and lack of cooperation on cybersecurity matters post-Ukraine invasion. [Source: The Guardian] Ransomware as a Service (RaaS): Qilin operates on a RaaS model, providing tools and infrastructure to independent hackers for a cut of the ransom, typically 15-20%. They demand ransoms ranging from $50,000 to $800,000, often using spear phishing for initial network access. [Source: Group-IB] Past Attacks: Since October 2022, Qilin has attacked over 50 organizations, including Robert Bernard in France and Dialog in Australia. Notable incidents include the Big Issue publisher attack, with 500GB of data leaked after a refused ransom. [Source: Group-IB] Rust and Go Languages: Qilin leverages Rust and Go programming languages for their ransomware, making it harder to detect and analyze. This allows them to customize attacks for different operating systems like Windows and Linux. [Source: Group-IB] Double Extortion Technique: Qilin uses double extortion, encrypting data and exfiltrating sensitive information to pressure victims into paying the ransom. They have a proprietary Dark Leak Site (DLS) for publishing stolen data. [Source: Group-IB] Affiliate Management: Qilin's affiliate panel includes sections for managing targets, creating ransomware samples, and coordinating attacks. Affiliates get 80-85% of the ransom, depending on the amount. [Source: Group-IB] Security Recommendations: Multi-Factor Authentication (MFA): Implement MFA and credential-based access solutions. Regular Backups: Conduct regular data backups. Email Protection: Use tools like Group-IB's Business Email Protection to [---]()counter phishing. Advanced Detection: Employ AI-based solutions for real-time intrusion detection. Patch Management: Regularly update and apply security patches. Employee Training: Educate employees about cybersecurity risks and phishing signs. Incident Response: Contact experts immediately if attacked; avoid paying ransoms. [Source: Group-IB] Listener Engagement: Question for Listeners: Have you ever encountered a phishing email at work? How did you handle it? Stay vigilant and keep your systems secure!`

The Mincing Rascals this week are John Williams of WGN Radio, Eric Zorn, Publisher of The Picayune Sentinel, Austin Berg of the Illinois Policy Institute, political pundit Marj Halperin, and Cate Plys, former staff writer at the Chicago Reader and political op-ed columnist at the Sun-Times and Tribune. There is a lot of news to get to this week! First, the Rascals talk […]

The Mincing Rascals this week are John Williams of WGN Radio, Eric Zorn, Publisher of The Picayune Sentinel, Austin Berg of the Illinois Policy Institute, political pundit Marj Halperin, and Cate Plys, former staff writer at the Chicago Reader and political op-ed columnist at the Sun-Times and Tribune. There is a lot of news to get to this week! First, the Rascals talk […]

The Mincing Rascals this week are John Williams of WGN Radio, Eric Zorn, Publisher of The Picayune Sentinel, Austin Berg of the Illinois Policy Institute, political pundit Marj Halperin, and Cate Plys, former staff writer at the Chicago Reader and political op-ed columnist at the Sun-Times and Tribune. There is a lot of news to get to this week! First, the Rascals talk […]

The Mincing Rascals this week are John Williams of WGN Radio, Eric Zorn, Publisher of The Picayune Sentinel, Austin Berg of the Illinois Policy Institute, political pundit Marj Halperin, and Cate Plys, former staff writer at the Chicago Reader and political op-ed columnist at the Sun-Times and Tribune. There is a lot of news to get to this week! First, the Rascals talk […]

Welcome back, loyal Data Center Therapy listeners!  As summer gives way to fall, we're dropping another fresh and topical episode onto the hot podcast grill for your informational delight (with a dash of fun thrown in for good measure.)  Your host, Mr. Matt “My Stack Overflowed” Cozzolino joins IVOXY End User Compute specialists Ryan "Universal Broker" Grelck and Aaron "Auto-Scaling" Hagman for a deep dive into the new and cloud-enabled world that is Microsoft Azure Virtual Desktop, and Windows 365.   In just thirty-two minutes, you, our listeners will get to learn about: What Azure Virtual Desktop is, why it exists, and what the implications are for mobility and security. What kinds of capabilities AVD has for integration with VNETs, storage, profiles, domains and Entra ID (formerly Azure Active Directory.) Why some organizations use multi-session desktops. How Windows 365 differs from AVD, and how it's two flavors (Business and Enterprise) differ from each other. What MSIX App Attach is, how it's similar to Horizon's AppVolumes, and how Horizon on Azure is now a thing. What the future of Windows Software Update Services is, how Intune and Group Policy interact, and what ADMX/ADML templates are. And many of the reasons businesses ultimately choose to implement AVD, including a focus on budget, CAPEX/OPEX, security or performance considerations. Along the way the crew also discusses Azure Arc, VPN tunnels and Express Routes, GPU-enabled cloud desktop instances, Windows Update for Business, thin clients and much more. If you like what you hear, please be sure to like, subscribe and share wherever you find quality podcasts like Data Center Therapy.  If you're interested in learning more about AVD or Windows 365, please reach out to your IVOXY Account Manager and we'd be happy to help guide you on your journey.  Thanks for listening!  Be safe, be informed, manage your virtual desktop environment like a boss, and catch you on the next fresh episode!

Should you use Windows Server Update Services or Windows Update for Business? Richard talks to Aria Carley about the different update mechanisms available today - and some new ones that are coming! Aria talks about how Windows is evolving to routine, incremental feature updates - but that can be challenging for managed workstations. The conversation explores the roles of Configuration Manager, WSUS, WSUB, Group Policy, Intune, and the new Azure Update Management tools. Plus, a hint of what is to come - could there be an Update Copilot in our future?Links:Configuration ManagerAzure Update ManagementMicrosoft IntuneWindows Server Update ServicesWindows Update for BusinessWidows Client Roadmap UpdateWindows AutopatchRecording May 4. 2023

MSP Dispatch is your source for news, community events, and commentary in the MSP channel.  Hosted by: Tony Francisco and Ray Orsini Give us your feedback by emailing news@mspmedia.tv   Today's MSP Dispatch featuring Tom Lawrence of Lawrence Systems covers the recent Uber breach, How Marcus Olsen built a $36M not MSP, and how CrowdStrike plans to become a generational platform. Additionally, learn about IronNet Laying Off 35% of Staff, Revolut exposing data of 50k Users, Windows 10 KB5017308 causing issues with Group Policy settings, and Adobe to Acquire Figma for $20 Bn! 0:00 Intro 2:55 How Marcus Olsen Built a $36M Not MSP 8:16 How CrowdStrike plans to become a generational platform 13:20 Uber Breached Again 23:55 Notable Mentions 26:57 Feedback 27:23 Community Events 28:19 Sign-off 30:30 Outtakes Story Links: How Marcus Olsen Built a $36M Not MSPhttps://www.youtube.com/watch?v=4XwWiZzEDPE&ab_channel=MSPRadioHow CrowdStrike plans to become a generational platformhttps://siliconangle.com/2022/09/17/crowdstrike-plans-become-generational-platform/Uber Breached Againhttps://www.nytimes.com/2022/09/15/technology/uber-hacking-breach.htmlhttps://www.nytimes.com/2022/09/15/technology/uber-hacking-breach.htmlhttps://www.darkreading.com/attacks-breaches/attacker-apparently-didnt-breach-single-system-pwn-uberhttps://www.youtube.com/watch?v=3dhJ3kccbnc&ab_channel=LawrenceSystemsIronNet Lays Off 35% of Staffhttps://www.crn.com/news/security/ironnet-lays-off-35-percent-of-staff-raises-going-concern-red-flagRevolut Exposes Data of 50k Usershttps://www.bleepingcomputer.com/news/security/revolut-hack-exposes-data-of-50-000-users-fuels-new-phishing-wave/KB 5017308 Breaking GPOhttps://www.bleepingcomputer.com/news/microsoft/windows-10-kb5017308-causing-issues-with-group-policy-settings/Adobe to Acquire Figma for $20 Bnhttps://www.theverge.com/2022/9/15/23354532/adobe-figma-acquisition-20-billion-official?scrolla=5eb6d68b7fedc32c19ef33b4Software engineers from big tech firms like Google, Amazon, Microsoft, and Meta are paying at least $75,000 to get 3 inches taller, a leg-lengthening surgeon sayshttps://www.businessinsider.com/tech-workers-paying-for-leg-lengthening-surgery-2022-9 Community Events: 9/21 @ 11:00 am ET | Is Your Top of Funnel Top of Mind? Presented by The Channel Program9/21 @ 12:00 pm ET | Build IT Better MSP Discussion Presented by Everything MSP9/22 - 9/24 In Person Event | Big Big Conference 2022: Hollywood, FL9/23 @ 10:00 am ET | MSP Dispatch Week Wrap Up Presented by The MSP Media Network9/23 @ 11:00 am ET | September Channel Pitch Presented by The Channel Program Connect with our hosts:  - Tony Francisco: https://www.linkedin.com/in/tonyjfrancisco/ - Ray Orsini: https://www.linkedin.com/in/rayorsini/ Follow our feartured guest, Tom Lawrence of Lawrence Systems! https://www.youtube.com/user/TheTecknowledge Be sure to follow us on social media:  Facebook: https://www.facebook.com/mspmediatv/ Twitter: https://twitter.com/mspmediatv LinkedIn: https://www.linkedin.com/company/mspmediatv/ Instagram: https://www.instagram.com/mspmediatv   Reddit: https://www.reddit.com/r/mspmedia Discord: https://discord.gg/Hc7b55cJPF

MSP Dispatch is your source for news, community events, and commentary in the MSP channel.  Hosted by: Tony Francisco and Ray Orsini Give us your feedback by emailing news@mspmedia.tv   Today's MSP Dispatch featuring Tom Lawrence of Lawrence Systems covers the recent Uber breach, How Marcus Olsen built a $36M not MSP, and how CrowdStrike plans to become a generational platform. Additionally, learn about IronNet Laying Off 35% of Staff, Revolut exposing data of 50k Users, Windows 10 KB5017308 causing issues with Group Policy settings, and Adobe to Acquire Figma for $20 Bn! 0:00 Intro 2:55 How Marcus Olsen Built a $36M Not MSP 8:16 How CrowdStrike plans to become a generational platform 13:20 Uber Breached Again 23:55 Notable Mentions 26:57 Feedback 27:23 Community Events 28:19 Sign-off 30:30 Outtakes Story Links: How Marcus Olsen Built a $36M Not MSPhttps://www.youtube.com/watch?v=4XwWiZzEDPE&ab_channel=MSPRadioHow CrowdStrike plans to become a generational platformhttps://siliconangle.com/2022/09/17/crowdstrike-plans-become-generational-platform/Uber Breached Againhttps://www.nytimes.com/2022/09/15/technology/uber-hacking-breach.htmlhttps://www.nytimes.com/2022/09/15/technology/uber-hacking-breach.htmlhttps://www.darkreading.com/attacks-breaches/attacker-apparently-didnt-breach-single-system-pwn-uberhttps://www.youtube.com/watch?v=3dhJ3kccbnc&ab_channel=LawrenceSystemsIronNet Lays Off 35% of Staffhttps://www.crn.com/news/security/ironnet-lays-off-35-percent-of-staff-raises-going-concern-red-flagRevolut Exposes Data of 50k Usershttps://www.bleepingcomputer.com/news/security/revolut-hack-exposes-data-of-50-000-users-fuels-new-phishing-wave/KB 5017308 Breaking GPOhttps://www.bleepingcomputer.com/news/microsoft/windows-10-kb5017308-causing-issues-with-group-policy-settings/Adobe to Acquire Figma for $20 Bnhttps://www.theverge.com/2022/9/15/23354532/adobe-figma-acquisition-20-billion-official?scrolla=5eb6d68b7fedc32c19ef33b4Software engineers from big tech firms like Google, Amazon, Microsoft, and Meta are paying at least $75,000 to get 3 inches taller, a leg-lengthening surgeon sayshttps://www.businessinsider.com/tech-workers-paying-for-leg-lengthening-surgery-2022-9 Community Events: 9/21 @ 11:00 am ET | Is Your Top of Funnel Top of Mind? Presented by The Channel Program9/21 @ 12:00 pm ET | Build IT Better MSP Discussion Presented by Everything MSP9/22 - 9/24 In Person Event | Big Big Conference 2022: Hollywood, FL9/23 @ 10:00 am ET | MSP Dispatch Week Wrap Up Presented by The MSP Media Network9/23 @ 11:00 am ET | September Channel Pitch Presented by The Channel Program Connect with our hosts:  - Tony Francisco: https://www.linkedin.com/in/tonyjfrancisco/ - Ray Orsini: https://www.linkedin.com/in/rayorsini/ Follow our feartured guest, Tom Lawrence of Lawrence Systems! https://www.youtube.com/user/TheTecknowledge Be sure to follow us on social media:  Facebook: https://www.facebook.com/mspmediatv/ Twitter: https://twitter.com/mspmediatv LinkedIn: https://www.linkedin.com/company/mspmediatv/ Instagram: https://www.instagram.com/mspmediatv   Reddit: https://www.reddit.com/r/mspmedia Discord: https://discord.gg/Hc7b55cJPF

Can you migrate group policy objects to Intune? Richard chats with Katy Nicholson about her work modernizing Windows client machines through Microsoft Endpoint Manager, making on-premises Active Directory optional. Katy discusses using the Group Policy Analyzer to understand what policies will work through Endpoint Manager and Configuration Service Providers. The next question is, what policies are irrelevant or obsolete? This leads to a conversation around refreshing security for an organization - why does this policy exist. How is it applied to non-Windows devices? Does it still make sense? Ultimately, all policies are about security, which means getting to zero trust. How does policy work in a zero trust environment, and where do you have to make exceptions?Links:Katy's BlogMicrosoft Endpoint ManagerConfiguration Service ProviderGroup Policy AnalyzerImporting Group Policy Objects into IntuneAzure AD and Windows HelloRecorded July 5, 2022

We talk with IT Consultant Paul Schnackenburg about the concept of cloud-native architecture, who it's for, and ultimately… is it better? We also spent a bit of time talking about common stumbling blocks to becoming cloud-native, and how to navigate those challenges. In this episode on being Cloud-Native: What does it mean to be Cloud-Native? - 1:23 How is on-prem AD seen as a roadblock to becoming Cloud-Native? - 4:51 Where does Group Policy fit into the Cloud-Native discussion? - 18:55 How do Cloud-Native businesses handle storage? - 26:04 Is being Cloud-Native better? - 33:39 Resources for Cloud-Native Architecture: M365 Resources on the DOJO AAD Kerberos Authentication Process Info on the DOJO Azure Files Article from the DOJO Azure AD Connect Azure AD Join

Are you stuck in the print nightmare? Richard talks to Jeremy Moskowitz about the ongoing battle over potential exploits through the point-and-print system in Windows. Jeremy talks about the discovery of the vulnerability in July 2021 and how it has led to a series of patches and registry key changes to resist a potential exploit. Meantime, people need to print! There are several workarounds with Group Policy, and Jeremy's own PolicyPak has some practical solutions. If you put some time into thinking through how your organization prints, you can find a solution that works and is secure!Links:July Windows Print Spooler Remote Code Execution VulnerabilityAugust Windows Print Spooler Remote Code Execution VulnerabilityRestrictDriverInstallationToAdministratorGroup Policy Settings for Controlling PrintersUltimate Guide to PrintNightmarePDQ DeployRecorded September 9, 2021

The Teen Think Tank Project's inaugural research cohort presents their public policy framework. The group outlines how to most effectively address racial inequality and systemic racism by outlining the obstacles that athletes face when attempting to affect change and how we as allies can help empower these individuals and elevate their voices. Teen Think Tank Members include: Jack Baranoksi, Jared Cannon, Jeremy Cimino, Gwyneth Craney, Nolan Eichorn, Jack James, Savannah Riera, Rohan Rathod, and Kyra Turpie.  The Teen Think Tank Project is a student-run policy institute that develops policy frameworks for social justice issues and empowers students to become future change makers.   The Teen Think Tank Project is a student-run policy institute that develops policy frameworks for social justice issues and empowers students to become future change makers.

See how you can apply Zero Trust principles and policies to your endpoints and apps; the conduits for users to access your data, network, and resources. Jeremy Chapman walks through your options, controls, and recent updates to implement the Zero Trust security model. Our Essentials episode gave a high-level overview of the principles of the Zero Trust security model, spanning identity, endpoints, applications, networks, infrastructure, and data. For Zero Trust, endpoints refer to the devices people use every day — both corporate or personally owned computers and mobile devices. The prevalence of remote work means devices can be connected from anywhere and the controls you apply should be correlated to the level of risk at those endpoints. For corporate managed endpoints that run within your firewall or your VPN, you will still want to use principles of Zero Trust: Verify explicitly, apply least privileged access, and assume breach. We've thought about the endpoint attack vectors holistically and have solutions to help you protect your endpoints and the resources that they're accessing. ► QUICK LINKS: 00:00 - Introduction 01:16 - Register your endpoints 01:49 - Configure and enforce compliance 02:31 - Search policies with new settings catalog 03:15 - Group Policy analytics 04:00 - Microsoft Defender for Endpoint 04:36 - Microsoft Cloud App Security (MCAS) 06:36 - Reverse proxy 07:06 - Authentication context 08:44 - Anomaly detection policies 09:21 - Wrap up ► Link References: For more on our series, keep checking back to https://aka.ms/ZeroTrustMechanics Watch our Zero Trust Identity episode at https://aka.ms/IdentityMechanics Learn more about the Zero Trust approach at https://aka.ms/zerotrust ► Unfamiliar with Microsoft Mechanics? We are Microsoft's official video series for IT. You can watch and share valuable content and demos of current and upcoming tech from the people who build it at #Microsoft. Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1 Join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog Watch or listen via podcast here: https://microsoftmechanics.libsyn.com/website ► Keep getting this insider knowledge, join us on social: Follow us on Twitter: https://twitter.com/MSFTMechanics Follow us on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ Follow us on Facebook: https://facebook.com/microsoftmechanics/ 

hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 32 today we are discussing about Group Policies.A Group Policy is a set of rules or policies that can be applied to a set of users or computer accounts within an operating system.Now, to Access the Group Policy Editor simply go to the run prompt and enter gpedit.The Local Group Policy editor will then launch and this is used to create and manage policies within a Windows environment.Each policy acts as a security template that can apply a set of rules to different users.These rules can contain things like Password complexity requirements, Account lockout policies,Software restrictions, and Application restrictions.If you're using an Active Directory domain controller in a Windows environment, you actually have access to a more advanced version of the Group Policy Editor as well.In corporate environments, it's common to create a Security Template with predefined rules based upon your Organization'sAdministrative Policies.This Security Template is a group of policies that can be loaded through a single procedure within the group policy editor. A large part of hardening the operating system occurs through loading different Group Policy objectives or GPOs against the workstation or against the server.These Group Policies are also used to create a secure baseline as part of your larger Configuration Management Program.Using them, new accounts and computers can quickly be configured with all of your organizational requirements. After creating your secure baseline,it's important to conduct Baselining.Baselining is a process of measuring changes in the network,hardware or software environment. Effectively baseline helps establish what normal is for your organization.By knowing what normal is, you can then identify what abnormal or a deviation looks like. For example, if you're looking at your network utilization over a period of time, you can identify high periods and low periods.If you normally have low periods of activity during a Saturday afternoon, for example, but this Saturday afternoon, you saw an excessively high amount of activity.You should look into that and investigate it.For example, in this image, we can see one very high spike of activity. We would compare this to a known baseline and then determine this spike is expected or if it should be investigated further.Every deviation should be looked at and categorized as either acceptable and expected or an issue to investigate further.Many data breaches have been discovered by investigating higher than expected network utilization during periods of time that should have been relatively low.By looking at this they have found things like data exfiltration and other problems that have happened through the network.

You should never host your own email, so we’ve gone and done just that. What we learned trying to build an email server in 2021. Plus our take on Ubuntu 21.04, become a master of your schedule with our pick, and a Garage Sale update.

Learn more about NetSupport Notify on #TipTopTipsEdu! Welcome to another episode of #TipTopTipsEdu! In this episode, we talk with our Technical Support Manager, Andy Earp, about all things NetSupport Notify where he shares his top five tips based upon some of the most frequent questions he’s asked about it. As explained in the episode, NetSupport Notify has lots of fantastic use cases in all sorts of organisations, including schools. From alerting people about emergencies to scheduled activities, kit reminders or even seeking help on behavioural issues from SLT callout – there are so many ways that Notify can help.In the episode, Andy responded to the following five questions and shared some great resources too. Here are the five questions I asked Andy: 1.      Can I configure the Agents and Console via Group Policy?https://kb.netsupportsoftware.com/knowledge-base/configuring-the-netsupport-notify-server-details-for-notification-agents-and-consoles-by-group-policy-gpo/2.      How to send notifications from a Web Consolehttps://kb.netsupportsoftware.com/knowledge-base/sending-notifications-from-a-web-page/3.      Is it possible to make it so that messages are only sent to certain departmentshttps://kb.netsupportsoftware.com/knowledge-base/how-to-create-netsupport-notify-console-operators-and-specify-which-departments-they-can-send-notifications-to/4.      Can I send notification to Agents across multiple sites?https://kb.netsupportsoftware.com/knowledge-base/using-netsupport-notify-across-multiple-sites/5.      Is it possible to send a Notification from a desktop Shortcut?https://kb.netsupportsoftware.com/knowledge-base/how-to-send-pre-configured-notifications-from-a-desktop-shortcut-using-netsupport-notify/ Prefer to watch? You can watch this episode back on our youtube channel - https://youtu.be/l_-ehmFGc7k

In this episode, I discuss some news from the world of technology, and I demonstrate how to access the group policy editor in the Windows 10 operating system.

Welcome to another episode of #TipTopTipsEdu on (NetSupport’s YouTube channel/NetSupport Radio). In this episode, we talk with NetSupport’s Technical Support Manager, Andy Earp with five of his tip-top tips for supporting and deploying NetSupport School. NetSupport School is our popular and award-winning classroom management solution. In this episode, I asked Andy five questions based around some of the most popular and helpful tips he could share about working with NetSupport School. Andy responded to the following five questions and shared some great resources too. Here are those questions and the relevant resource guides. 1 - How do you best apply the settings for NetSupport School? How to apply the NetSupport School ADMX Files https://kb.netsupportsoftware.com/knowledge-base/how-to-apply-the-netsupport-school-admx-files/ Best practice Group Policy installation and configuration https://www.netsupportschool.com/nss-pdfs/Best_practice_Group_Policy_installation_and_configuration.pdf 2 - What is the NetSupport School Connectivity Server and when is it useful to implement it? Using a NetSupport Name and Connectivity Server (Introduction and setup guide) https://www.netsupportschool.com/nss-pdfs/Using-a-NetSupport-Name-and-Connectivity-Server.pdf 3 - How do I ensure that my teachers only connect to Students in their class? Configuring the room name for NetSupport School Students and Tutors by Group Policy https://kb.netsupportsoftware.com/knowledge-base/configuring-the-room-name-for-netsupport-school-students-and-tutors-by-group-policy-gpo/ Integrating NetSupport School with Google Classroom https://www.netsupportschool.com/nss-pdfs/Integrating-NetSupport-School-with-Google-Classroom.pdf Using NetSupport School in a Chrome Environment https://www.netsupportschool.com/nss-pdfs/using-nss-in-a-google-chrome-environment.pdf 4 - Can NetSupport School work in a RDSH or VDI environment? Setting up NetSupport School in a Terminal Services environment https://kb.netsupportsoftware.com/knowledge-base/setting-up-netsupport-school-to-run-in-a-microsoft-terminal-server-environment/ Using NetSupport School in a VDI environment https://kb.netsupportsoftware.com/knowledge-base/using-netsupport-school-within-a-vdi-environment/ 5 - How do you secure access to the Tutor Console and remote access to the Students? https://kb.netsupportsoftware.com/knowledge-base/how-to-secure-access-to-the-tutor-console-and-connections-to-the-students-within-netsupport-school/

Now that remote work has become the new normal due to COVID 19, many businesses have offered their employees more flexible "work from home" options. In this episode, our SecureChat hosts discuss the edge that RKON has obtained- this edge is Kaseya. Listen as they discuss the advantages of Kaseya and how RKON is leveraging this remote management tool for our clients, making the transition to remote work seamless.

There are various technologies available in Windows client and server operating systems for managing user profiles and folder redirection in an Active Directory environment. User profiles and folder redirection are methodologies used for accomplishing User State virtualization, also most recently called User Experience virtualization (https://docs.microsoft.com/en-us/windows/configuration/ue-v/uev-for-windows). There are two main approaches in the user profile technology. One major approach is the file-based approach where user profile files are synced back and forth between the central user file repository residing in a highly available SMB file share and a locally synced copy. Such an example is Citrix Profile Management (see below section for more details). The other major approach is container-based user profiles, which are based on vhdx containers where all relevant user profile information is stored. Such an example is Microsoft FsLogix profile technology (see below section for more details). Folder redirection works alongside a roaming profile solution to redirect user folders to a distributed location. Folder Redirection enables users and administrators to redirect the path of a known folder to a new location, manually or by using Group Policy. The new location can be a folder on the local computer or a directory on a file share. Users interact with files in the redirected folder as if it still existed on the local drive. --- Send in a voice message: https://anchor.fm/stefanoscloud/message

The security and threat landscape has changed with more of us working from home. Attackers are getting more sophisticated in both luring victims and hiding automated commands. Equally, the protections from your on-premises network perimeter and firewall don't always apply when your users are away from the office, using personal devices, or if you've had to free up capacity on your VPN to avoid saturation. In this episode, we catch up with David Weston, Microsoft Hacker in Chief, once again to see live malware campaigns, COVID-19 themed phishing attempts, connecting non-compliant devices to managed resources -- along with the controls you can put in place to both block unwanted attacks and investigate/remediate post breach. We'll look at policy controls in Microsoft Intune and Group Policy in Windows 10, plus how you can use Microsoft Secure Score to assess where your organization is today and plan for the controls to increase your security posture in the future. The good news is that as you increase your protections for people working from home, these additive controls will make your defenses even stronger once users come back to the office. Find out more on: • How to protect yourself using Microsoft Secure Score • Improvement actions to detect and prevent obfuscated scripts with Microsoft Defender Advanced Threat Protection • Network protection • How you can use Microsoft Endpoint Manager to get your machine to a compliant state, so you can connect to resources and get work done • New capabilities to Secure Score that are related to planning or tracking your progress against your security goals over time Microsoft Secure Score (authenticated portal): https://aka.ms/SecureScore Attack Surface Reduction GUIDs: https://aka.ms/FindASRGUIDs Dave's previous show from Microsoft Ignite: https://aka.ms/StoppingRealAttacks If you are unfamiliar with Microsoft Mechanics, we are Microsoft’s official video series for IT. You can watch and share valuable content and demos of current and upcoming tech from the people who build it at #Microsoft. Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1 Follow us on Twitter: https://twitter.com/MSFTMechanics Follow us on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ Follow us on Facebook: https://facebook.com/microsoftmechanics/ #workingremotely #Security #Microsoft

It's Show 700! Richard brings his friend Jeremy Moskowitz on to celebrate making 700 episodes of RunAs. The conversation spans the history of the show, the evolution of Windows, the challenges of the pandemic and how Group Policy can fix everything - check out the webinar that Richard and Jeremy did together at https://www.policypak.com/runas - and thanks for listening!

Derek Melber has been a Microsoft MVP in the Group Policy and Active Directory area since 2004.  We talk about the importance about detecting security breaches in Active Directory and easy steps how to improve the security in Active Directory. And what about when organisations move from Active Directory to Azure AD? Well, hear Dereks own words about this. Since Derek is American this podcast is in English and also video recorded (see our Youtube channel).

In Episode 1 of our IT Security podcast series, Vivin explains the dos and don'ts with respect to Active Directory Group Policy. Tune in as he highlights the seven important points which to enhance the security of your Active Directory infrastructure.

Now that we’ve addressed mobility and cloud identity, it’s time manage settings within SaaS apps.

Now that we’ve addressed mobility and cloud identity, it’s time manage settings within SaaS apps.

In this episode, I will share some stories from the trenches. Please visit https://sysadmintoday.com to subscribe. Host: Paul Joyner Email: paul@sysadmintoday.com Facebook: https://www.facebook.com/sysadmintoday Twitter: https://twitter.com/SysadminToday Meraki PCI Compliancehttps://documentation.meraki.com/MR/Other_Topics/PCI_Compliance_with_Meraki SQL Limitations Across Versions https://docs.microsoft.com/en-us/sql/getting-started/features-supported-by-the-editions-of-sql-server-2014?view=sql-server-2014 Drive Mapping using Group Policy https://activedirectorypro.com/map-network-drives-with-group-policy/ Please Support the Channel https://www.patreon.com/sysadmintoday

In this episode of the Microsoft Today Podcast, we discuss Microsoft 365 Education, Office 365 Education, Minecraft Education Edition, Skype in the Classroom, Skype Translator, OneNote Class Notebooks, FlipGrid, Intune for Education, Microsoft Innovative Educators (MIE), Microsoft 365 Education Hardware, Microsoft Store STEM Saturdays, Government Grants and Funding, Microsoft Inclusive Education and much more.Bill Gates The Bill and Melinda Gates Foundation have made improving K-12 education in the United States a priority mission. Summit Innovation in Education Bill Gates on improving K-12 Education Bill Gates TED Talk, Teachers Need Real Feedback (April 2013) Teachers get very little feedback US is tied for 15th in reading, but 23 in science and 31 in math Bill Gates against Common Core Bill Gates on his Education MissionKhan Academy Is a non-profit educational organization created in 2008 by Salman Khan with the goal of creating a set of online tools that help educate students Received significant funding early on from the Bill and Melinda Gates Foundation, and has received more than $9 million in funding from the foundation overall Microsoft has developed and released Khan Academy Universal Windows Platform Apps Bill Gates on Khan Academy (2010)Microsoft Imagine (Formerly DreamSpark) Dream it. Build it. Live it. Enter your tech project in the 2019 Imagine Cup for the chance to bring your innovation to life and win up to USD100,000! DreamSpark was originally announced by Bill Gates in 2008 Free training — Azure Labs Computer Science training on GitHub $100 in free Azure Credits Imagine Webstore — Obtain software through your school at now costMicrosoft Small Basic Is a programming language and associated IDE for Microsoft’s simplified variant of the BASIC programming language, intended as an easy programming language for beginners Released in October of 2008Kodu and Kodu Game Lab Kodu is a visual programming tool (like Scratch) which builds on ideas begun with Logo in the 1960s, and Kodu Game Lab is the integrated development environment (IDE) by Microsoft’s FUSE Labs First released in June 2009 Still actively updatedProject Spark Was a game platform build on the foundations of Kodu, that allowed players to create game using the platform and programming language and share them with othersMakeCode Microsoft MakeCode brings computer science to life for all students with fun projects, immediate results, and both block and text editors for learners at different levels Microsoft created MakeCode utilizing their Touch Develop technology They have partnered with many different companies and brands to create fun and engaging coding tracks for students, including: micro:bit — a tiny programmable computer, designed to make learning and teaching easy and fun! Circuit Playground Express — An introduction to electronics and programming from adafruit Lego Education (Mindstorms) — Allows one to program the LEGO MINDSTORMS Education EV3 using Blocks or JavaScript Cue the Robot — Provides a transition from block-based code to state-machine and text-based programming Grove Zero — Are color-coded and magnetic electronic modules that teaches students about programming, electronics, design thinking, and logics Chibi Chip — The Love to Code (LTC) system is designed for beginners of all ages and backgrounds to try out programming without the frustration of installing software Resources MakeCode Website MakeCode YouTube ChannelMicrosoft Stores Microsoft provides many learning and education initiatives through their retail stores STEM Saturdays — Teachers, students, and parents are welcome to drop by their local Microsoft Store to participate in these learning experiences. Projects are designed for 11- to 14-year-old students but can easily be completed by younger students with parental support Intro to Robotics with Ohbot Free new coding workshops Free Harry Potter Kano Coding Kit workshop How Do Sharks Swim? (build a joystick) Make hustle happenStart your own business or champion a cause — Learn from NFL heroes how to follow your passion, start your own business, and create positive change in your community. In this free two-hour workshop, students learn how NFL players “make hustle happen” through side businesses and collaboration to serve a cause they care about. Participants will brainstorm ideas for their own side hustle or a supporting a cause, then draft an action plan using Windows 10. At the end of the workshop, students present their action plans and get the inspiration they need to execute next stepsFlipGrid FlipGrid is an award winning platform that empowers student voice. Students capture short videos to share ideas and experiences with their classmates on the topics you define Overview Welcome to FlipGrid The Power of the Student Voice I have a Voice Goals Give all students a voice Provide instant feedback and interaction for all, including educators 100% Free Integration — Can be integrated directly with team sites, learning sites, or LMS solutions… it can even be embedded in OneNote!Goals of Microsoft 365 Education To empower educators to unlock creativity, promote teamwork, and provide a simple and safe experience in a single, affordable solution built for educationOffice 365 Education OneNote — Helps students learn to be organized, collaborate and be proactive with their learning — while also providing the teachers with a single pane of glass for review Class Notebook Creator — Lets a teacher quickly set up a personal workspace for every student, a content library for handouts, and a collaboration space for lessons and creative activities, all within one powerful notebook Collaboration Space — Allows teachers and students to edit content Content Library — Allows teachers to edit content, but students to only view or copy content (such as for tests or other course materials) Student Notebooks — Provide a private space for students to work, that can be viewed by only the teacher and the student By default, contains a Handouts, Class Notes, Homework and Quizzes sections Class Notebook Sharing — Enables teachers to collaborate and share with other educators Skype in the Classroom — Creating Global Citizens is “live learning” personified Provides students with experiencing and interacting with different cultures and viewpoints Kansas students helped Kenyan students with their water crisis Skype Translator — Breaks down language barriers“My students became lifelong learners because they understood the power of using learning to affect real change in the world.” (Source) Microsoft Teams — The classroom experience in Teams empowers the generation that embraces technology as their first language, encouraging their developing voices and helping educators implement learning strategies for their future success Teams is all about collaboration Provides an instant-feedback platform for students Empowers teachers and educators to collaborate with one another as well, so that they can better teach and inspire their students Teachers don’t always have all of the right answers, so it is great to have an instant collaboration platform for when the need arises Now has immersive reader Can enable teachers to “speed grade” via the assignments tab Rubic Grading in TeamsMicrosoft is not resting even when they’ve lost a class, school or district to Google’s platform, they are still pushing the adoption of free technologies like Microsoft Teams, Microsoft Translator, OneNote and FlipGrid — even if they don’t own the platform space.Research Microsoft Translator for Education — Communicate with Students In the US, the number of ESL learners has more than doubled since 1990 As the teacher speaks, translator provides real-time translated audio and transcripts for the student With the Translator PowerPoint add-in, Translator can provide more accurate translations Translator’s transcripts also provide notes that can be used by all students Translator for Real-Time Sub-titles — Enables the Deaf https://translator.microsoft.comMinecraft Microsoft has partnered with Code.org to create the code training using Minecraft for grades 2 and up at https://code.org/minecraft Minecraft also has its own MakeCode site at https://minecraft.makecode.com Microsoft has also developed the Minecraft Education Edition and it’s supporting curriculum as part of Microsoft 365 for EducationIntune for Education Microsoft Intune for Education: a new cloud-based application and device management service that is built on the proven Microsoft Intune service, offering easy setup and management in shared learning environments Integrates directly into Microsoft School Data Sync Pulls in users, teachers, and students automatically Device deployment, management and security Has over 150 configurable settings Includes an auto-enrollment feature Mass deployment of settings by USB key Windows Store for Business integration for Application Deployment With Windows 10, all settings follow the userAdministration Device Management — Azure Active Directory, Group Policy and other management tools Training — No cost educator training across the entire Microsoft 365 Education product line Microsoft Innovator Educator (MIEs) Programs — Are designed to help educators move along a pathway from those who are just beginning to integrate Microsoft tools into the classroom to becoming leaders of innovation in education Microsoft Innovative Educator Microsoft Innovative Educator Trainer Microsoft Innovative Educator Expert Microsoft Innovator Educator Community Is a place to discover, research, share and collaborate with other like-minded innovative educators There are more than 4,000 Microsoft Innovative Educators across the globeHardware Affordable notebooks starting at just $189 $189 Lenovo 100e $219 HP Stream 11 Pro G4 EE $229 Dell Latitude 3180 $279 Asus VivoBook W202 Dynamic 2:1s starting as low as $299 $299 Acer TravelMate Spin B1 $299 Dell Latitude 3189 $329 Asus VivoBook Flip 14 TP401 $380 Surface GoBundles All-in-one Minecraft cart — Teach STEM with Minecraft: Education Edition to help students develop critical and computational thinking skills. Engage students across all STEM subjects and flex their creative problem-solving skills in an open-world game. Minecraft: Education Edition licenses and everything you need to get started Microsoft 365 Education, which includes Intune for Education and Office 365 Education with Teams and OneNote Bundled with device hardware Bretford CUBE Cart device storage that looks like a Minecraft “Grass” blockFunding Grants — Microsoft can assist with obtaining grant funding for STEM education programs The federal government issues more than $500 billion in grants each year through its 26 grant-making agencies Most states also offer additional grant money, or provide “passed-through” funding from specific federal agencies Private foundations and corporations provide more than $50 billion each year in fundingTop Grant Programs for STEM Education STEM+ Computing Partnerships Grant Program (STEM+C) — Seeks to build evidence to inform development of new pedagogical strategies and pedagogical environments for integrating computing and computational thinking in the teaching and learning of pre-K-12 STEM Source — National Science Foundation (NSF) Awards — Between $250,000 to $2.5 million per recipient for up to three years Deadline — Spring 2019 Program Details — https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=505006 Computer Science for All Grant Program (CS for ALL) — Hopes to provide all U.S. students the opportunity to participate in computer science and computational thinking education in pre-K through high school Source — National Science Foundation (NSF) Awards — $300,000 to $2 million per recipient for up to four years Deadline — February 12, 2019 Program Details — https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=505359 Navy & Marine Corps STEM Education & Workforce Development Grant Program (ONR STEM) — Seeks proposals for developing innovative solutions that directly support the development and maintenance of a diverse, world-class STEM workforce. The goal of any proposed effort should be to provide “game changing” solutions to establish and strengthen the pipeline of students in grade 9 or higher interested in civilian or enlisted Navy & Marine Corps related workforce opportunities. The proposed STEM learning, therefore, must relate to domains of naval relevance or strategic value Source — Department of Defense, Office of Naval Research Awards — Up to $750,000 for up to three years Deadline — September 27, 2019 Program Details — : https://www.onr.navy.mil/Contracts-Grants/Funding-Opportunities/Broad-Agency-Announcements.aspx 21st Century Community Learning Centers Grant Program (21st CCLC) — Supports the creation of community learning centers that provide extended learning time opportunities for children, particularly students who attend high-poverty and low-performing schools. Centers provide a range of high-quality services to support student learning and development, including: tutoring and mentoring, homework help, academic enrichment (such as hands-on science or technology programs), character education, drug and violence prevention, family engagement, community service opportunities, as well as music, arts, sports, and cultural activities Source — Department of Education (through each state) Awards — Determined by local and state agencies Deadline — Varies by state, check state agency websites — https://www2.ed.gov/programs/21stcclc/contacts.html#state Program Details — https://www2.ed.gov/programs/21stcclc/index.html Education Innovation & Research Grant Program (EIR) — Provides funding to create, develop, implement, replicate, or take to scale entrepreneurial, evidence-based, field-initiated innovations to improve student achievement and attainment for high-need students, and rigorously evaluate such innovations. Recent priorities have included: supporting high need students, improving school climate; promoting diversity; increasing post-secondary preparedness; improving the effectiveness of principals; and re-engaging disconnected youth Source — Department of Education Awards — $4 million maximum for up to five years Deadline — Late spring, early summer 2019 Program Details — https://innovation.ed.gov/what-we-do/innovation/education-innovation-and-research-eir/ For a full overview of all available grants, please visit https://www.grants.govMicrosoft Learning Tools Availability Microsoft prides itself for providing their learning tools and platforms to students from all skill, education, cognitive and accessibility levels… inclusive learning for all students. This isn’t something new for Microsoft, rather it is something Microsoft and Microsoft Research have been working on and developing for decades. From to text speech, eye tracking technologies, Kinect breakthroughs, and working with the likes of the late, great Professor Stephen Hawking and the SwiftKey team, to working with Steve Gleason on his fight against ALS, while also working with thousands of disabled gamers to develop the Xbox Adaptive Controller — empowering those with disabilities is ingrained within their DNA.Resources Microsoft STEM Grant Whitepaper Intune for Education Introduction Intune for Education — How it Works (Ignite Session) Microsoft EDU YouTube ChannelFollow or Subscribe to Microsoft Today Patreon  Website Apple/iTunes Blubrry Breaker Facebook Google Podcasts Pocket Cast PodBean RadioPublic Spotify Stitcher YouTube Support the show.

GUEST BIO: Jess Dodson is a Windows Administrator living in Queensland, Australia.  Jess describes herself as a Microsoft fan girl and for the past couple of years she has been a Microsoft Most Valuable Professional.  Jess is also keen to pass on information to others that is technically relevant, as well as other useful information for those in system administration. EPISODE DESCRIPTION: Jess Dodson is Phil’s guest on today’s show. She has been supporting, managing and administering Active Directory & Windows Servers platforms. Her work has enabled her to become a Microsoft Most Valuable Professional. She specializes in Windows Server Operating Systems, Active Directory, Group Policy, File and Print, OS Lifecycle management, information & account security services. KEY TAKEAWAYS: (0.58) – So Jess, can you expand on that summary and tell us a little bit more about yourself? Jess explains that, after 15 years in the industry, she is now focusing more on Active Directory identity and security. In Australia, she is also heavily involved with the IT Professional Association. Their aim is to advance the practice of Information Technology as a profession. Currently, they are working to increase visibility and demonstrating the fact that the profession is not as boring as people make it out to be. She uses social media to convince people to give working in the administration side of IT, a go. Rather than automatically pursue a career on the developer side of things. (2,15) – Phil wants to know if Jess has noticed a big difference in the operational side of the companies she has worked for. So far, Jess has only worked for two organizations. A university and government department and she have found that they work in a very similar way on the organization side, but she is aware that in the corporate world culture differences are definitely there. (3.20) – Phil asks Jess for a unique IT career tip. Jess’ number one tip is that getting into IT and enjoying the career you want isn’t a straight line. There is no you get this degree to get this specific job path, in the IT industry. The best approach is to do what works for you. For some people, that is getting a degree, for others it means going straight from school into a mundane IT job and starting at the bottom of the ladder. You just need to do what works for you. (4.35) – Jess is asked to share her worst career moment and what she learned from that experience. She goes onto share two experiences, because she could not decide which of them was worst. The first one was when she did some live testing on her employee’s production website and wiped it out. They were able to restore it, from backup, but it was a hard way to learn never to do any testing on a production website. The 2nd one happened when she needed to delete a production server from her employee’s Windows Update server. A server that had been decommissioned so did not need updates. But, instead of deleting just that server, she deleted the entire production server group. More than 500 servers could not receive Windows update. This happened the day before the production patches were due to be deployed. Jess realized her mistake within seconds. The delete computer and delete group buttons were side by side and she knew instantly that she had hit the wrong one. For Jess, the lesson from that unfortunate mistake was to admit your mistakes immediately. She turned to a close colleague who had some experience in scripting and together they were able to fix the problem within an hour. If she had not admitted it, she would have had to fix it manually, which would have taken all night. Working as a team the problem was solved really quickly. (7.25) – Phil asks Jess what her best career moment was. She says it was speaking at Microsoft Ignite in Australia in 2013. She had never spoken publically before, so was very pleased when her speech was voted the third best of the conference. If you want to hear it you can do so here. Her speech was all about Active Directory & Domain Security, Administration & Maintenance and is called Righting the Right Rights. (8.26) – Phil asks how Jess practiced for her talk at Microsoft Ignite. She said she went online and did some research about technical speaking and followed the advice to practice 10 times the amount of time you are due to speak for. Jess has gone on to speak at Microsoft Ignite three more times and she may be speaking at the big Ignite conference that is on tour and coming to Sydney in February 2019. (9.51) – Phil asks what excites Jess about the future of the IT industry. The fact that everything changes so fast, is something that Jess finds exciting. You have to be really good at learning and keeping up. The shift into a whole range of areas that were not even thought of 10 years ago is really exciting. She also likes the fact that security is becoming increasingly important. (11.01) – Are there any other technologies that are of interest to you outside of your general remit? Jess explains that she just loves what she does so much that she is really focused on the Microsoft sphere of technology stack. (11.40) – Phil wants to know what brand of phone Jess uses. It is an Android model and jokes that she is a Google fangirl as well as a Microsoft one. (12.11) – What drew you to a career in IT, Jess? She explains that her dad was a systems engineer. From a very young age she wanted to be like her dad, which, naturally, meant a career in IT. (12.27) – What is the best career advice you were given? Stand up for what you know is right. Find a way to convince your managers or, if you need to, go around them especially if it is related to security. (12.53) – If you were to start your IT career again, now, what would you do? If she were to start again Jess would focus on the cloud and brush up on her coding and scripting skills. (13.09) – Phil asks Jess what career objectives she currently has. Right now, Jess is focusing on Azure, Microsoft’s Cloud solution. As well as moving more into the security and identity space. (13.35) – What is the number one non-technical skill that has helped you in your IT career, so far? Her response is people skills. Your network of people is a crucial asset. You need people you can rely on, so you need to “find your tribe.” (14.11) – Phil asks Jess to share a final piece of career advice. She says “love what you do”. You cannot just do this job to pay the bills. You need to be realistic and realize that it is not always possible to “do what you love”. Sometimes you are going to end up having to learn to “love what you do”. Taking this approach ensures that you get the most out of whatever situation you find yourself in and do a good job. BEST MOMENTS: (4.03) JESS – “Every person that I've ever met in IT has completely different ways that they've gotten into the industry. So, follow the path that works for you.” (7.17) JESS – “One person can get some things done. But as a team, you can get so much more done if you work together.” (11.01) PHIL – “Security is definitely going to be a hot topic over the next 10 15 years” (13.00) JESS – “Starting from now, focus on the cloud. Focus very heavily on the cloud. (13.47) JESS – “The network of people that you know, and that you can call on, it's your number one asset. You need a tribe to rely on.” CONTACT JESS DODSON: Twitter: https://twitter.com/girlgerms LinkedIn: https://www.linkedin.com/in/jrdodson/ Website: https://girl-germs.com/

In this episode we cover a couple of quick basic tips for managing your Group Policies and Active Directory. --- Support this podcast: https://anchor.fm/joe-russell/support

In this fascinating and inspiring conversation Paul Gerrard, Group Policy and Campaigns Director for The Co-op tells us about why this grand-daddy of the co-operative movement was one of the leading businesses to campaign for the introduction of the UK Modern Slavery Act (MSA).  The interview also covers how the Co-op first started to address slavery over 150 years ago and how they have now developed a range of partnerships to help people in slavery to break free. I was also delighted to be joined by an expert in the MSA, Jessica Cresswell, from the highly-regarded consultancy Carbon Smart who asked insightful questions regarding the challenging area of engagement with suppliers regarding modern slavery.  As an added bonus Paul also shares at the end of the discussion two further fantastic initiatives that the Co-op are delivering in their communities. See acast.com/privacy for privacy and opt-out information.

Can Group Policy help protect your user's machines? Definitely! Richard chats with Jeremy Moskowitz about his on-going work with group policy, including his cool tool, PolicyPak. Jeremy talks about applying least privilege principles via Group Policy, including a case of a patch from June 2016 that may have broken some of your group policies because the machine that has to apply them doesn't have sufficient privileges! Other important least privilege aspects discussed include better management of local admin accounts, control over who actually makes and changes group policy, and how to deal with users who want to install apps. Lots to learn!

#vBrownBag APAC Microsoft Group Policy with Brett Johnson @BrettJohnson008

Is Group Policy dead? Jeremy Moskowitz says no! And he's not alone. Richard chats with Jeremy about the confusion in the marketplace these days around Active Directory, Group Policy, Intune, mobile device management tools and so on. Group Policy continues to represent the best way to manage Windows PCs, which is still a large part of most organizations. And Windows 10 implements even more Group Policy related features. If you manage a domain, you should be using Group Policy. MDM, well, that's another show!

While at Tech Ed 2014 in Houston, Richard chats with Jeremy Moskowitz about group policy in Windows 8. Jeremy talks about his session at Tech Ed called Group Policy Notes from the Field which focuses on how group policy is often unfairly blamed for performance problems. Check out the video and watch for a link at the end of it to get access to the performance tools that Jeremy uses! The conversation also digs into PolicyPak, the tools Jeremy and his team have built to allow group policy to apply to third party products like FireFox. And the latest incarnation works in the cloud against non-domain-joined machines!

Darren Mar-Elia on Group Policy!

Jeremy Moskowitz on Group Policy!

Richard talks to Alan Burchill about some of the improvements to Group Policy in Server 2012. The conversation starts out with the new reporting features, including the infrastructure status report that will actually show you when policies have been synchronized between AD servers as well as improve group policy reports to help you understand what policies are (and are NOT) being applied to a given account. Alan then digs into local group policy features in Windows RT (yes, the ARM edition) - you can't join a domain, but you can push local policies onto tablets! For more information around group policy in Server 2012, check out Alan's blog.

In today’s episode, Technical Evangelist Kevin Remde and Sr. Product Manager on the Windows Commercial Team, Stephen Rose discuss a number of new security enhancements and features such as Bitlocker and BiitLocker-to-Go, MBAM, Secure Boot and File History found in Windows 8.[2:22] How are Windows 8 based devices protected against malware? [8:20] How has Bitlocker been improved in Windows 8? [14:11] What happens when my hard drive crashes or if I delete some important files? What new options do I have in Windows 8 to save my data? [19:34] What about Network Security? [22:43] Is Active Directory and Group Policy still available in Windows 8? [25:34] What about Applications? How do I ensure these are secure? [31:04] Is Windows-to-Go secure? What happens to my data if l lose my USB stick? Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.Resources:Windows 8 Enterprise Windows 8 Licensing The Springboard Series Blog Windows 8 Resources for IT Pros on Springboard Resources for Developers to Build Windows 8 Apps Windows 8 resources for partners on Microsoft Partner Network

In today’s episode, Technical Evangelist Kevin Remde and Sr. Product Manager on the Windows Commercial Team, Stephen Rose discuss a number of new security enhancements and features such as Bitlocker and BiitLocker-to-Go, MBAM, Secure Boot and File History found in Windows 8.[2:22] How are Windows 8 based devices protected against malware? [8:20] How has Bitlocker been improved in Windows 8? [14:11] What happens when my hard drive crashes or if I delete some important files? What new options do I have in Windows 8 to save my data? [19:34] What about Network Security? [22:43] Is Active Directory and Group Policy still available in Windows 8? [25:34] What about Applications? How do I ensure these are secure? [31:04] Is Windows-to-Go secure? What happens to my data if l lose my USB stick? Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.Resources:Windows 8 Enterprise Windows 8 Licensing The Springboard Series Blog Windows 8 Resources for IT Pros on Springboard Resources for Developers to Build Windows 8 Apps Windows 8 resources for partners on Microsoft Partner Network

In today’s episode, Technical Evangelist Kevin Remde and Sr. Product Manager on the Windows Commercial Team, Stephen Rose discuss a number of new security enhancements and features such as Bitlocker and BiitLocker-to-Go, MBAM, Secure Boot and File History found in Windows 8.[2:22] How are Windows 8 based devices protected against malware? [8:20] How has Bitlocker been improved in Windows 8? [14:11] What happens when my hard drive crashes or if I delete some important files? What new options do I have in Windows 8 to save my data? [19:34] What about Network Security? [22:43] Is Active Directory and Group Policy still available in Windows 8? [25:34] What about Applications? How do I ensure these are secure? [31:04] Is Windows-to-Go secure? What happens to my data if l lose my USB stick? Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.Resources:Windows 8 Enterprise Windows 8 Licensing The Springboard Series Blog Windows 8 Resources for IT Pros on Springboard Resources for Developers to Build Windows 8 Apps Windows 8 resources for partners on Microsoft Partner Network

During the US Thanksgiving break of the .NET Rocks Visual Studio 2012 Launch Road Trip, Richard chatted with Jeremy Moskowitz about the new group policy features in Windows 8. The discussion starts out with a digression talking about how to influence features in the Microsoft stack before steering back on the subject of Group Policy, specifically Group Policy Preferences with Server 2012 and Windows 8. Jeremy digs into some of the new features available, as well as talking about how his product PolicyPak can help with applying policies to third party products. He also mentions a number of blogs including his own GP Blog, Darren Mar-Elia's GPOGuy and Alan Burchill's Group Policy Central for finding out more about group policy.

Richard chats with Rhonda Layfield about the now shipping version of Microsoft Deployment Toolkit 2012. Rhonda describes the relationship between MDT 2012 and System Center 2012 Configuration Manager - what MDT does and what SCCM does. The conversation continues over to how Group Policy packs are deployed by default in MDT 2012, which might surprise some IT folks. Rhonda also talks about Security Compliance Manager and how it can help you understand where your Group Policy is at, as well as provide policy configuration for specific Windows, Office and Internet Explorer features. You can get MDT and SCM at the Solution Accelerators page on TechNet. Also, check out the Microsoft Security Compliance Manager library page on TechNet for a list of the security baseline settings for various operating systems, Internet Explorer, Exchange and Office.

Download the MP3 Podcast In this episode we look at how you can Backup, Restore, and Import Group Policy Objects using Windows PowerShell and the cmdlets that come with the Group Policy module in the latest version of RSAT and the GPMC. $dir = 'server1gpobackups' # Backups Get-GPO -All |Backup-GPO -Path $dir Get-GPO remoting |Backup-GPO […]

Richard talks to Jeremy Moskowitz about his latest version of PolicyPak. PolicyPak provides Group Policy templates for third party applications. This is one of those products that once you understand what it does, you can't live without it. There's a free community edition as well as a paid version that is ten bucks per PC! Check it out at www.policypak.com.

While at DevConnections, Richard talks to Jeremy Moskowitz about what every IT person needs to know about troubleshooting group policy.

10-10-10 “Group Policy overview along with gpedit.msc command” Produced by TechJives.net / Winfitts.com  Sponsored by http://www.CEDSolutions.com

Richard catches Alan Burchill while at Tech Ed New Zealand. Alan digs into the new Group Policy Preferences features introduced with Windows 7 and Windows Server 2008 R2 but available for XP, Vista, even Server 2000 and up! The conversation explores how group policy can now be used to map drives, printers and other features, leading to the virtual elimination of login scripts. Check out Alan's web site at http://www.grouppolicy.biz/ for videos and information on this and other group policy techniques.

Richard and Greg talk to Greg Lamothe about Windows SteadyState. SteadyState allows administrators to configure PCs to roll back to a base configuration after every reboot. Combined with Group Policy for restricting access to resources you can create the perfect kiosk computer that cleans off all traces of the previous user, ready for the next.

Richard and Greg talk to Jeremy Moskowitz of gpanswers.com fame about Group Policy in Active Directory. As Jeremy says, if you have Active Directory, you have Group Policy, and you might as well learn how to take advantage of it.

"Windows Vista comes with redesigned support for WiFi (802.11 wireless). For those of us who live with a laptop in easy reach, it’s going to have an effect on our workday. For users there’s a new UI experience, helpful diagnostics and updated default behaviors. For IT pros who manage Windows clients, there’s improved management via Group Policy and Scripting. For sysadmins & geeks there’s a new command line interface. But behind these more obvious changes there’s a new software stack. A stack designed to be more secure, but also more open and extensible. This talk will take a deep dive into that stack, describe the various components and their interaction and show where developers can create code to modify and extend the client. Want to build a site survey tool, a wireless IDS, or hack your own driver? We’ll show where to plug in. We’ll describe in detail how the behavior of the wireless stack has changed from XP, explain the rational behind this, and show how this is reflected in the user experience. Finally we’ll look at how Microsoft tests WiFi in Windows Vista."

Windows Vista comes with redesigned support for WiFi (802.11 wireless). For those of us who live with a laptop in easy reach, it’s going to have an effect on our workday. For users there’s a new UI experience, helpful diagnostics and updated default behaviors. For IT pros who manage Windows clients, there’s improved management via Group Policy and Scripting. For sysadmins & geeks there’s a new command line interface. But behind these more obvious changes there’s a new software stack. A stack designed to be more secure, but also more open and extensible. This talk will take a deep dive into that stack, describe the various components and their interaction and show where developers can create code to modify and extend the client. Want to build a site survey tool, a wireless IDS, or hack your own driver? We’ll show where to plug in. We’ll describe in detail how the behavior of the wireless stack has changed from XP, explain the rational behind this, and show how this is reflected in the user experience. Finally we’ll look at how Microsoft tests WiFi in Windows Vista."

Tony Chor will discuss Microsoft’s security engineering methodology and how it is being applied to the development of Internet Explorer 7. He will detail key vulnerabilities and attacks this methodology revealed as well as how the new version of IE will mitigate those threats with unique features such as the Phishing Filter and Protected Mode. Rob Franco lives to make browsing safer for internet users. Rob led Security improvements in Internet Explorer for Windows Server 2003, Windows XP SP2, and IE 7. Prior to that, Rob worked on Corporate deployment features such as Group Policy and the Internet Explorer Administration Kit. When he’s not working, he can usually be found cycling around the Seattle area or boating on a nearby lake."

"Tony Chor will discuss Microsoft’s security engineering methodology and how it is being applied to the development of Internet Explorer 7. He will detail key vulnerabilities and attacks this methodology revealed as well as how the new version of IE will mitigate those threats with unique features such as the Phishing Filter and Protected Mode. Rob Franco lives to make browsing safer for internet users. Rob led Security improvements in Internet Explorer for Windows Server 2003, Windows XP SP2, and IE 7. Prior to that, Rob worked on Corporate deployment features such as Group Policy and the Internet Explorer Administration Kit. When he’s not working, he can usually be found cycling around the Seattle area or boating on a nearby lake."