I recently got a Pixel 6. It’s great. For the previous 3 and a bit years I had been using a BlackBerry Key2. There was lots I liked about the Key2, but 3 years later I had never received an Android version update. I was still getting security updates, but I decided with the Pixel 6 launch it was time for an update.
Continue Reading Android: Email AppsI recently obtained two Yubikey security keys to boost my personal and professional security. I picked up one Yubikey Bio and one Yubikey 5 NFC. They recommend that you always have a backup in case you lose one, and from what I had learned, I wanted the Bio in several services that would support it, but also the 5 NFC for other services and for mobile NFC authentication.
It’s now been a week, so here are some initial thoughts.
Continue Reading Yubikey: Early ImpressionsIf you’ve been paying attention to Microsoft 365 products in the last 5 years or so, you’ve likely noticed that things have moved toward a much flatter architecture where users have more freedom to set up their own Teams / SharePoint sites, etc. In many ways this is great, but it does carry some risks of sprawl caused by users casually creating data structures and then forgetting about them.
Fortunately, Microsoft does offer some mechanisms in the Teams lifecycle to help with this.
Continue Reading Microsoft Teams: LifecycleIf you’re an IT admin, do you know what apps users are putting on devices alongside company data? Do you know all the apps that they are directly putting company data into, thinking it helps solve a problem for them? This is the problem of “Shadow IT.” If it’s a personal device, it’s even worse, as they might be installing all kinds of insecure apps without IT approval and it wouldn’t take much to make a mistake like copying and pasting company data or uploading a file into the wrong app.
Continue Reading Microsoft Cloud App SecurityYou’ve got your devices enrolled in Endpoint Manager. Now what? This opens up lots of tools including configuration policies.
Configuration policies allow for quickly rolling out the desired configuration to the device, without the user having to manually set it up. This can include a lot of different settings and vary by the operating system of the device. Some of the more interesting tools for Windows 10 includes:
Continue Reading Microsoft Endpoint Manager: Device Configuration PoliciesPasswords are inadequate. Even for standard consumer tools, you should have at least two more tools in your toolbox: a password manager and multi-factor authentication. Those help make passwords suck less. But they do leave open some questions like: should you need to perform multi-factor authentication every time you log in? Should access be all or nothing, or should there be any accounting for degrees of risk?
Continue Reading Azure AD: Conditional Access PoliciesWhen I work on a website, especially once I need to deploy some custom code, I have several tools at my disposal I want to set up. Here’s what those tools and that setup process looks like. For the purpose of this post, I’m assuming I already have the SFTP and SSH credentials from the website host.
The one-time need is to prepare my SSH keys. This requires three files which can be created with PuTTYgen, part of the package that comes with PuTTY.
Continue Reading My (Freelance) Web Development WorkflowData Loss Prevention in Microsoft 365 is a feature that helps prevent loss of sensitive data (that makes sense) coming out of your system. This can be within emails or within files, although the latter requires a higher license. Here’s how it works.
Continue Reading Data Loss Prevention (DLP) PoliciesThe platform I worked with more than any other in my previous job was CiviCRM. CiviCRM is an open-source CRM system aimed primarily at non-profits that builds on top of an existing WordPress, Joomla, or Drupal website. Drupal is the most powerful because Drupal has great permissions control already and CiviCRM can tie in to those, but the others are fine, too.
After a few years, I have a pretty good sense of the strengths and weaknesses that CiviCRM offers and will do a quick breakdown here.
Continue Reading CiviCRM: OverviewIn episode 3 of The Flight Attendant (HBO Max), Megan agrees to do some corporate espionage against her husband’s large company. It isn’t clear what the company is – maybe it will explain as the story continues in later episodes – but it is clear that he has access to some significant trade secrets. So Megan encourages her husband to bring his laptop home, then casually finds the file and copies it to a jump drive.
Two things immediately stood out to me as problems with this scene from a basic IT security perspective.
Continue Reading IT on Film: Flight Attendant Episode 3