Security

Microsoft Teams: Lifecycle

If you’ve been paying attention to Microsoft 365 products in the last 5 years or so, you’ve likely noticed that things have moved toward a much flatter architecture where users have more freedom to set up their own Teams / SharePoint sites, etc. In many ways this is great, but it does carry some risks of sprawl caused by users casually creating data structures and then forgetting about them.

Fortunately, Microsoft does offer some mechanisms in the Teams lifecycle to help with this.

Continue Reading Microsoft Teams: Lifecycle

Microsoft Cloud App Security

If you’re an IT admin, do you know what apps users are putting on devices alongside company data? Do you know all the apps that they are directly putting company data into, thinking it helps solve a problem for them? This is the problem of “Shadow IT.” If it’s a personal device, it’s even worse, as they might be installing all kinds of insecure apps without IT approval and it wouldn’t take much to make a mistake like copying and pasting company data or uploading a file into the wrong app.

Continue Reading Microsoft Cloud App Security

Microsoft Endpoint Manager: Device Configuration Policies

You’ve got your devices enrolled in Endpoint Manager. Now what? This opens up lots of tools including configuration policies.

Configuration policies allow for quickly rolling out the desired configuration to the device, without the user having to manually set it up. This can include a lot of different settings and vary by the operating system of the device. Some of the more interesting tools for Windows 10 includes:

Continue Reading Microsoft Endpoint Manager: Device Configuration Policies

Azure AD: Conditional Access Policies

Passwords are inadequate. Even for standard consumer tools, you should have at least two more tools in your toolbox: a password manager and multi-factor authentication. Those help make passwords suck less. But they do leave open some questions like: should you need to perform multi-factor authentication every time you log in? Should access be all or nothing, or should there be any accounting for degrees of risk?

Continue Reading Azure AD: Conditional Access Policies

My (Freelance) Web Development Workflow

When I work on a website, especially once I need to deploy some custom code, I have several tools at my disposal I want to set up. Here’s what those tools and that setup process looks like. For the purpose of this post, I’m assuming I already have the SFTP and SSH credentials from the website host.

SSH keys

The one-time need is to prepare my SSH keys. This requires three files which can be created with PuTTYgen, part of the package that comes with PuTTY.

Continue Reading My (Freelance) Web Development Workflow

CiviCRM: Overview

The platform I worked with more than any other in my previous job was CiviCRM. CiviCRM is an open-source CRM system aimed primarily at non-profits that builds on top of an existing WordPress, Joomla, or Drupal website. Drupal is the most powerful because Drupal has great permissions control already and CiviCRM can tie in to those, but the others are fine, too.

CiviCRM logo and wordmark

After a few years, I have a pretty good sense of the strengths and weaknesses that CiviCRM offers and will do a quick breakdown here.

Continue Reading CiviCRM: Overview

IT on Film: Flight Attendant Episode 3

In episode 3 of The Flight Attendant (HBO Max), Megan agrees to do some corporate espionage against her husband’s large company. It isn’t clear what the company is – maybe it will explain as the story continues in later episodes – but it is clear that he has access to some significant trade secrets. So Megan encourages her husband to bring his laptop home, then casually finds the file and copies it to a jump drive.

Megan in Flight Attendant
Megan

Two things immediately stood out to me as problems with this scene from a basic IT perspective.

Continue Reading IT on Film: Flight Attendant Episode 3

Security Essentials: Multi-factor Authentication

I typically have two main pieces of advice for basic information that anybody can and should do.

  • Use multi-factor authentication everywhere it is offered
  • Use a password manager to generate good passwords, remember them, and make your life easier with auto-fill

I’ll look at the benefits of a password manager in another post soon. But first, let’s look at multi-factor authentication.

Continue Reading Security Essentials: Multi-factor Authentication