Woot woot ! I have been graciously awarded the Microsoft MVP award for Enterprise Mobility ! So honored..! Thanks to all in the
@MVPAward
program and congrats too to others awarded today. !
So, in light of my friend who was shot to death... she was also a computer security expert (lawyer.) But one thing she didn't do; which I implore you to do.. is have your password manager password WRITTEN DOWN in a SAFE or Safe Deposit box....
#mvpbuzz
Well, I didn't wake up to a letter, so I decided to try to log on to my account anyway. Surprise ! Thank you MVP Program for the honor for (duration) 20 years with (19 awards.)
What IT people miss sometimes, and managers generally miss more times (not 100%, but.. like a lot)... is that any new tech comes with ramp up time. Let's take a non-tech example. This morning a new coffee machine showed up on my front door. My immediate thought is "Woo hoo" fresh
Here's a tech tip if you want to get ahead at your company and be noticed: Be ON TIME or EARLY for meetings (2 minutes is fine.) And have a MIC that WORKS (dont use your laptop mic, it sucks.) Dont be afraid to be on camera and wear a collared shirt or otherwise look
Turns out I was awarded
#mvpbuzz
in TWO categories. Wow.. unexpected, but THANK you. I don't yet see this yet on my profile page, but maybe that updates at some later time and was ONLY shown in the letter I just got. Thanks again to the folks at Microsoft for this dual award !
I'm sure SOME people will give me crap / suggest this is BAD advice.. but an actual frickin' safe (not a toy/strong box) .. or a safe-deposit box is worth the risk of being disconnected from everything in the event of your death.
Another important GP policy setting... mis-created and causing confusion for the masses. Policy Settings should always express what they do in the POSITIVE.. like "Prevent features introduced..." and then ENABLE. No human likes "Enable blah..." / "DISABLED." Brain.. Explode.
I just don't feel like I get the
#mvpbuzz
until I formally get my "chip." Here's my 16th chip. Thanks to everyone who supports my efforts and cares about anything at all I have to say. I'm honored and humbled.
I have argued with so many admins about having different local admin passwords...Use LAPS!! How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business
I didn't think gun violence would ever impact me but today is the day. My friend was attacked, and she got shot four times. Now my friend is dead and her kids have no Mom. Sorry, but I had to share somewhere.
Look.. I have no one else to brag to. But I did an amazing thing today. I got TWO internet connections into my house (Comcast and CenturyLink) and a Synology RT6600ax router between them. Now if one feed goes down, my Internet keeps on GOING ! C’mon!!
What are medium sized businesses using for IT to remote control end-user machines (that isn't Teamviewer or Bomgr.) I know of those already. Educate me on products that don't suck.
If you can identify this cable.. you are hella old and a kung fu master. I will let you know when someone gets it right (for me). I suppose there could be more than one right answer.. but I’m looking for the one I used it for.
Make sure at least one person NOT in your household or normal rotation knows how to get access to it; so if you and your spouse go at the same time, someone else can help untangle (what was) your digital lives.
@stephenlrose
@appcompatguy
@appcompatguy
was one of my closest professional friends. One time at dinner, I left my phone at the table... and he picked it up and took this shot for me to discover at a later date. I cannot stop crying I am so, so sad... and will miss him incredibly.
@Scottduf
Unpopular Jeremy opinion since Intune was born: GPresult-like thing for Intune which intelligently expresses on-client policy RSoP. Bonus points if it also told me GPresults AND Intune final RSoP. The HTMLL report we get right now is flat out UN-usable.
@SwiftOnSecurity
Gotta say.. I don’t get it. Ever since forever I’ve seen MS folks walking around with badges which double as smart cards which act as 2fa devices. How can a password spray therefore get someone’s email to open up ??
I'm humbled and honored to be re-awarded in the Microsoft
#mvpbuzz
program for 2020-2021. This is my 15th year overall award. Thank you
@CxPCathy
and
@RochelleSonny
for leading the charge and honoring me with the award. Again, thank you for the support.
@JefTek
Use AUTHY and not Google Authenticator. It JUST WORKS, you can have multiple devices, and you won’t be hurting all over when your phone falls in the toilet. Just get AUTHY and tell 5 friends. Seriously. Just do it.
The point of this tweetstorm is because another friend set up a Gofundme for the kids' "immediate needs." There would be no such requirement if the next of kin had easier access to the password manager.
@NathanMcNulty
@MicrosoftEdge
Not that anyone asked, but .. I generally agree that for Enterprise or Pro SKUs all features should be opt-in ONLY via MDM or GPO setting a thing to Enabled. Its jarring to have NEW RANDOM stuff in Edge every few weeks.
@jsnover
This will always be my favorite memory...of some of my favorite MS and non-MS MVPs besties. Congrats on all you've done and will continue to do. I miss you already... is that possible?
I finally got
@MSFT365Designer
to render something sort of like me. Here was the prompt: "white 37 year old male with a brown goatee (no beard) and thin but dark eyeglasses as a pixar cartoon like character, with a smile on the front, wearing a zipped "Microsoft MVP" racing suit
Awesome review of PolicyPak Group Policy Edition courtesy of
@4sysops
and MVP Joseph Moody. "..Think of something you wish you could do in Group Policy but currently can't...I would be willing to bet that PolicyPak Group Policy Edition can handle it!"
@SwiftOnSecurity
Im about to blow your mind with 100x speed. Ready for it? Attrib /s file.txt. It only has to look at the file lookup table, and not actually scan the whole disk. You’re welcome.
@JenMsft
My philosophy about being a founder / manager for more than 15 years is … basically this, yes. And because I rarely ask people to put in bonkers hours, when the need does arise, they will volunteer because the ask is so infrequent.
What the hell is this madness? I went to Hilton in Edge... and I got prompted if I wanted to "install it as an application." Which I did just to see. Is it this?? Is this widely used and I'm just learning about it now?
Is it wrong to
#humblebrag
about being hand picked to be
@richcampbell
700th show guest? Gotta celebrate sometimes. :) Enjoy the banter and bring your own cake.
It's Show 700! To celebrate,
@richcampbell
and
@jeremymoskowitz
talk about the history of the show, how Windows has changed, the challenges around the pandemic and more on RunAs Radio at - thanks for listening!
So I did full end to end testing of "Disable Internet Explorer 11 As a Standalone Browser" policy that
@teroalhonen
posted about in upcoming Windows 20231. Here's a blog-length article in one screenshot.
I'm starting Thanksgiving off right... by listening to a recorded security training course by
@samilaiho
. Isn't that what EVERYONE does Thanksgiving day on their day off??
Trying to come up with a simple summary of "Windows 11 things" that "Windows 10 cannot do." Security or otherwise. Please pile on and give me one/few things which help me explain that story.
@dwizzzleMSFT
encouraged and all others please.
Will you fine people just STOP making amazing content? Between
@samilaiho
's Saminarium and Sysinternals 25th anniversary and
@xenappblog
Xenappblog show, I have like 200 hours of content to consume. STOP IT. Just STOP IT PLEASE you AMAZINGLY SMART PEOPLE.
Okay Azure/EntraID nerds... I'm getting conflicting stories. Can you force require, say, 15 character passwords for Azure AD joined users -or- can you only do this when sync'd back to on-prem AD? This seems to imply 8-256 chars; but not force 15. Thoughts?
@SwiftOnSecurity
Gods: Assign all GPOs to root of the domain and use
@PolicyPak
and Item Level Targeting which runs faster than WMI queries, easier to troubleshoot and show up in GPRESULT reports. :-)
I have tons of Windows 10 VMware Workstation VMs with multiple virtual processors. Path KB50919959 (2022-11 Update) is barbequing ALL of them. And getting UNSUPPORTED PROCESSOR errors on reboot. Only fix is to rollback, cut v. procs to 1. Bad. Real bad.
Some people are "anti" MVP renewals demonstrations. For me, I think it's great to have a "birthday" once a year, by being recognized by your peers and Microsoft folks. Congrats to all the
#MVPBuzz
people this year and previous years. One an MVP, always an MVP.
@cyb3rops
Using LAPS and then giving those users the “break glass” password is NOT the answer. Use PolicyPak Least Privilege Manager to make specific rules about what IS allowed to run elevated. Don’t run with the scissors.. EVER.
@AdamFowler_IT
@SwiftOnSecurity
And a terribly written policy name. All policy settings should be written like “Prevent access to calc graphing functions.” That way its Enabled (“do this thing”) or Disabled (“Undo a previously set setting. ). Sigh. I remember the good ol days when GP settings were curated.
I like how you set a doctors appointment, say, for 2.30. Then they come in at 3.30 like nothing even happened. I’m going to start doing that in my meetings and see how that goes down.