Month: January 2018

HBUDS Bluetooth Headphone review

Full disclosure – I was provided a unit for review

clip_image001

I was impressed with the unit even before I opened it. The packaging was high quality, even with a magnet grab to seal on the container. The packaging was not the usual flimsy or plastic style container of so many similar products. In fact, the outer box is so nice I’m going to keep it! So a 10 out of 10 for the packaging.

clip_image002

Inside the packaging are the earphones themselves, a range of different ear buds (to suit different people) which is really handy. How many times have I had a set of earphone and lost one earpiece only to have to throw out the whole thing out and get a new one. It is really nice to be provided with some spare earpieces. Inside you’ll also find a USB charging cable, a handy pouch to carry everything in while travelling (big bonus for me) as well a set of instructions. So a 10 out of 10 for the contents with everything required actually inside.

clip_image003

Normally, the instructions you receive are typically too small to read, have all the languages mashed together so you have to find the ones you understand and basically lack simple pictures to show you how to get started. Not here. The manual contains simple and straightforward instructions with lots and lots of picture to help you work out how to get everything working. 10 out of 10 again for the manual, which is easy to read, detailed and contains plenty of pictures.

With the unit now free from its packaging it was simple matter of hooking it up to a USB with the cable provided to charge it up prior to use. Again, the manual provides excellent clear instructions on how to make all of this happen.

After a short period of time the headset was charged and I paired to my phone. Now Bluetooth pairing can be tricky at times, given two different devices and one without a screen. I found it best to wear the headset so I could hear the commands and then do a manual find on my phone. Although not 100% seamless it was pretty close and the fault could have been mine or my phone so no deductions for the headset.

With the headset now fired up and connected I proceeded to listen to podcasts, music and take phone calls. The sounds quality was excellent and the reduction in ambient noise was good. The unit fitted snuggly and around my ear and provided enough distance from my ear to avoid any interference or irritation. The unit is light yet attaches quite sturdily and at no time did I feel it was going to fall off.

Working with headset on is always a bit of challenge to remember what all the buttons do and how long you need to hold them down for to perform their function. The main functions like volume, on/off, accept/decline calls are pretty straight forward but things like redial I’ll need to memorise. The main button give a nice click to indicate on/off as it is easy to determine whether it is being pressed. Likewise, the volume button are easy to find and large enough to work with fat fingers like mine, unlike some other units I have used. So 10 out of 10 here as well, especially when compared to other headsets.

It is hard to fault this unit. From the packaging to the instructions to the setup and use, it really is a high quality products that a lot of thought has clearly been invested. I thoroughly recommend this if you are in the market for such a device and am now happily using it to listen to music, podcast and take calls no matter where I am. My only ask would be perhaps a small container, separate from the packaging in which I could store the spare ear buds, however this is a minor issue on what is a really top quality unit. Highly recommended.

These headphones are currently on sale and the current price is really a bargain, so act fast!

Here are the links to the different versions on Amazon:

Black: http://amzn.to/2DLQzjL

White: http://amzn.to/2nednON

Purple: http://amzn.to/2GivUlB

Create a Safe Attachment policy with Office 365 ATP

image

When you have Office 365 Advanced Threat Protection (ATP) you should ensure that you actually go in a create a Safe Attachments policy because I don’t believe one is created by default.

You’ll need to login to your Office 365 portal as an appropriate administrator and then navigate to the Security and Compliance portal as shown above.

From the menu on the left select Threat management. This should reveal a number of additional options. From those that appear, select Policy.

You should now see a number of options on the right hand side as shown above. Locate and select the ATP safe attachments option.

image

You should now be in the Safe attachments area as shown above.

image

Starting at the top of the page, ensure you have the Turn on ATP for SharePoint OneDrive and Microsoft Teams checked as shown.

image

In the lower area you will see that no policies exist. To create a policy select the + (plus) icon.

image

Give the new policy a name and select the action that will be taken from the options below. In this case I have selected the Replace option.

image

You can enable redirection if you wish.

image

You now need to create the rules for this policy. if you want everything checked select the option The recipient domain is and then all the domains you have in your Office 365 tenant.

Save the configuration by using the button at the bottom of the screen.

image

The update will be processed and applied.

image

When you look at the Safe attachments page now you should the policy as shown in place.

To read more about safe attachments in Office 365 Advanced Threat Protection see:

Office 365 ATP safe attachments

January Azure Webinar resources

Slides from my January Azure webinar are now available at:

CIAOPS Need to Know Azure Webinar – January 2018

The recording is also available at:

http://www.ciaopsacademy.com.au/p/need-to-know-azure-webinars

which CIAOPS patrons get free access to as part of their subscription.

This webinar set the ground work for upcoming monthly webinars that will go deeper into Azure features and abilities.

So make sure you sign up for next month’s webinar.

January Office 365 Webinar Resources


The first webinar for the new year. Thanks to anyone who attended.

Slides from this months webinar are now available at:

https://www.slideshare.net/directorcia/ciaops-need-to-know-office-365-webinar-january-2018

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

We looked at user management in this session.

Watch out for next month’s webinar.

My Tech Books – 2018

As much as business books are the mainstay of helping you grow a business, I would assert that there is a place for good fiction and non fiction as a way of expanding what is possible and what we may see with technology in the future. From such ideas, opportunities flow and in this ever changing world of technology, what is fiction today becomes fact tomorrow.

Below is a list of tech (both fiction and non-fiction) that I have really enjoyed and recommend to anyone interested in technology and the impact it may play in our lives down the track. Many books are ‘hacker’ style stories about the security challenges our technology creates thanks to it’s intersection with humanity. I think that technology simply magnifies the good and the bad. What do you think?

You can follow all the books, tech, business, non-fiction I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

or just follow me on Facebook:

www.facebook.com/ciaops

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone?

4. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

5. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

6. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

7. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

8. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

9. Takedown – John Markoff and Tsutomu Shimomura [Non-Fiction]

The pursuit and eventual capture of notorious hacker Kevin Mitnick makes for great reading.

10. Hackers: Heroes of the Computer Revolution – Steven Levy [Non-Fiction]

Ah, the good ole days when it was more about proving how smart you were than trying to actually cause harm. If you think hacking is something new, then you’re in for a surprise with this book

Windows Autopilot Deployment heading to Azure portal

image

If you go to Intune in the Azure Portal, then select Device enrollment, then Windows enrollment, you see some new options for Windows Autopilot deployment as shown above.

If you need a refresher on where the settings where originally check out my previous article:

Introduction to Windows Autopilot

image

The above is what the deployment profiles option look like when you go there.

Here’s what it looks like in the original Business portal.

image

There isn’t a place to upload the machine identification file as yet in Azure as you can see here:

image

However, I would assume that it is coming.

So, keep your eyes posted to the Azure portal for more additions for Windows Autopilot.

Adding Apple MDM push certificate to Intune

When you start using Intune with services like Microsoft 365 Enterprise or stand alone you’ll need to add an Apple MDM push certificate to allow iOS devices to be managed by Intune. If you don’t, you’ll get errors when you try and add these devices.

Here’s how you create and add an Apple certificate to Intune.

clip_image001

When you initially go into Intune via the Azure portal you’ll need to set the Mobile Device Management Authority as shown above. Simply select the option for Intune MDM Authority and the Choose button to save the choice.

clip_image001[6]

In the list of Intune options, under the Manage heading, select Device enrollment.

clip_image001[8]

From the blade that appears, select Apple enrollment from the menu and the right side will then show a number of boxes.

clip_image001[10]

Select the box in the top left that should have the heading Apple MDM Push Certificate.

clip_image001[12]

Another blade will open. Under Step 1, select the Download your CSR hyperlink.

This will prompt you to save a file called IntuneCSR.csr to your computer.

clip_image001[14]

In Step 2, select the hyperlink Create your own MDM push certificate.

image

This will open a new tab in your browser and take you to the above Apple site. You’ll need to have or create an Apple ID to login here.

clip_image001[16]

You’ll need to accept the Terms of Use.

clip_image001[18]

You’ll need to create a new certificate. To do so, select the option to Browse at the bottom of the window as shown above.

Navigate to the certificate file you downloaded from the Intune portal previously.

Then select Upload.

clip_image001[20]

Next, select to Download the certificate created by the Apple site.

clip_image001[22]

Return to the Intune portal and insert the Apple ID you used to create the certificate in Step 3.

In Step 4, upload the Apple certificate.

When complete, select the Upload button at the bottom of the page.

clip_image001[24]

When you now look at the Intune portal the Apple MDM Push Certificates should now show a green tick, as shown above. This will now allow you to place iOS devices under Intune management.

image

Office 365 Cloud App Discovery

In today’s security environment it is really no longer possible for human beings to manage security, it typically needs to be out sourced to software. Signature based security is too slow to keep up with constantly changing attacks and the best way is to look for anomalies in behaviour patterns.

Office 365 Cloud App Security is service that is included in E5 licenses but also available as a separate stand alone purchase (called Microsoft Cloud App Security in the store). Unfortunately, you can’t add Office 365 Cloud App Security to Business plans only Enterprise plans.

Basically, Office 365 Cloud App Security allows you to configure policies that trigger alerts for specific activity as well as suspending accounts exhibiting suspicious activity. Let’s see how.

image

To get to Office 365 Cloud App Security you need to navigate to the Security & Compliance Center as an Office 365 administrator. Open the Alerts heading on the left and select Manage advanced alerts from the options that appear.

On the right you will see a check box to Turn on Office 365 Cloud App Security.

image

Once this has been selected you will be able to select the button to Go to Office 365 App Security.

image

On this page you may see a number of policies in place already. Here, I’m going add a new policy. To get to this page again I select the Control option from the menu across the top of the page and then Policies from the items that appear.

To add a policy I now select the Create Policy button on the right as shown above, and then Activity policy from the items that appear. You may have less items in this list, it depends on what licenses you have in place for your tenant.

image

For the Policy Template option I am going to select from a list of pre existing templates and use the Logon from a risky IP address which is described as:

Alert when a user logs on to your sanctioned apps from a risky IP address. By default, the Risky IP address category contains addresses that have IP address tags of Anonymous proxy, TOR or Botnet. You can add more IP addresses to this category in the IP address ranges settings page. 

image

You can see the list of existing policy templates above and of course, you can create your own custom one.

image

Once I have selected the policy I scroll down to the actual rules which appear in the Create filters for the policy section as shown above.

Basically you’ll see in this case that the rule looks at whether an IP is “risky” and the activity equals logon.

You can of course edit or define your own rules here if you want.

image

If you are wondering where the “risky” IP range is defined you’ll find these sorts of things in the upper left under the COG icon as shown above. In this case, look under the IP address ranges.

image

Once you save the settings you’ll be returned to the Policies page where you should now see the new policy as shown above.

image

To test this policy, I’m going to fire up a Tor browser and login to Office 365.

image

As expected, in a very short space of time (note it isn’t immediate. It may take a moment or two to appear) I get an alert and can view these by selecting the Alert option from the menu across the top of the page.

image

If I then click to open one of these alerts and select the General option in the middle of the page I get more information as shown above. You’ll see on the right that the IP category = “Risky” and this is because of a match to Tor and Anonymous proxy.

image

If I now select the User option in the middle of the page I get further information as to which user triggered this as shown above.

image

Likewise if I select the IP address option I get information about the networking in detail.

From here you can take actions on the alerts such as dismissing or digging deeper into the logs.

image

My advice would therefore be to enable all the default policy templates for your tenant as I have done for mine as shown above.

You’ll notice that I also have some custom policies in place as well. One of these is to provide an alert for repeated failed login attempts by a user.

image

Another policy is the one above that monitors logins by global administrators. You’ll see that I also restrict that policy to only apply when I am not on a corporate (i.e. office LAN) IP address.

My advice with custom policies is to start simply and broadly and tighten the rules up over time. There is nothing worse than setting a policy and getting deluged with alerts, so take it slow and increase restrictions over time to ensure you don’t overload yourself with false positives.

As I dig deeper into what is possible more I’m sure I’ll be adding additional policies to keep my tenant secure and provide a level of monitoring that no human could do. However, in today’s environment of increased attached I’d really recommend you look at adding Office 365 Cloud App Security to your tenant for enhanced protection.