My Tech Books – 2019

Tech is as much a lifestyle choice these days as it is a career. The geeks and nerds have risen to rule the world. Don’t believe me? Ask Bill Gates! Sometimes it is good to step back and take a wide look at how technology has changed the world we live in – for better and worse. My selection below I have found to be enjoyable and thought provoking in many different ways and I recommend them to everyone who is interested in tech.

You can follow all the books, tech, business, non-fiction I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

or just follow me on Facebook:

www.facebook.com/ciaops

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone? This book has become so popular that there is now a movie. Believe me, the book is better.

4. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

5. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

6. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

7. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

8. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

9. Takedown – John Markoff and Tsutomu Shimomura [Non-Fiction]

The pursuit and eventual capture of notorious hacker Kevin Mitnick makes for great reading.

10. Hackers: Heroes of the Computer Revolution – Steven Levy [Non-Fiction]

Ah, the good ole days when it was more about proving how smart you were than trying to actually cause harm. If you think hacking is something new, then you’re in for a surprise with this book

Need to Know podcast–Episode 200

Well we made it! 200 episodes are now done and dusted. We thanks our special guests for attending this episode live, Mark O’Shea and Marc Kean. Of we can’t forget the co-host Brenton Johnson, who helped make this episode special. We’d also like to thank everyone who shared best wishes and congratulations. It is fantastic to know that people are out there and enjoying what we put together.

This of course is only the beginning of the march towards our next 200 episodes and we hope you’ll all join us for the journey. We’ve come a long way in around 10 years of podcasting and so too has the Microsoft Cloud. What’s it going to be like in another 10 years? Join us on the journey.

Thanks again to both Mark O’Shea and Marc Kean for being part of our special episode and supporting the podcast over the years.

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-200-lets-celebrate/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

Microsoft Ignite sessions on YouTube

My Business Books–2019

I didn’t get through as many books as I would have liked this year, even though I did a lot of travelling. To be honest, I found a of well recommended books were simply duds for me. I have them on the bookshelf to revisit at later stage when the learning may sink in. But here again are what I believe are the ‘must read’ business books, in order, adjusted for 2019.

You can follow all the books I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

or just follow me on Facebook:

www.facebook.com/ciaops

Here’s my current top business books in order:

1. The Art of War – Sun Tzu

The all time classic on strategy. As relevant today as it ever was. A very short read but very deep.

2. The Millionaire Fastlane – M.J. DeMarco

I love the brutal honesty of this book. It doesn’t mince words about what it takes to shift from a pay check to actually living the life you want.

3. The Tipping Point – Malcolm Gladwell

The world is all about not what you know but who you know. This book explains exactly how this works and how to use it to your advantage.

4. The Four Hour Work Week – Tim Ferriss

Many people believe this book is about shirking responsibility. It is in fact a blueprint for how to free up your time to do things you want and enjoy. It will challenge the way you look at your career.

5. Secrets of the Millionaire Mind: Mastering the Inner Game of Wealth – T. Harv Eker

The successful are defined by a different mindset. This mindset can be learned. It can be trained. This is a great book to show you how to do just that.

6. Talent is over rated: What Really Separates World-Class Performers from Everyone Else – Geoff Colvin

Demonstrates that the best comes from implementing a system. Having a system allows you to focus on the right thing and do that work that is required. If you want to take yourself to an elite level, beyond just good, then read this book.

7. Book Yourself Solid: The Fastest, Easiest, and Most Reliable System for Getting More Clients Than You Can Handle Even If You Hate Marketing and Selling – Michael Port, Tim Sanders

You can’t survive in business without a steady flow of customers. Selling to people is the wrong approach, you instead need to attract them to your business. This book helps you achieve exactly that.

8. Profit First: A Simple System To Transform Any Business From A Cash-Eating Monster To A Money-Making Machine – Mike Michalowicz

Business is about making a profit. This then gives you the freedom to do what you want with that profit. This book helps you focus on profit and setting up systems to make the most of the profit you generate.

9. Barking Up the Wrong Tree – Eric Barker

Conventional wisdom does not always apply and in some case can actually be detrimental. Challenging what is taken for granted should be in the play book of everyone who wants to achieve at the highest level. Important lessons can be learned in the strangest places and form the strangest people. Have an open mind and you might be surprised at what you have believed to be bad in fact turns out to get just what you need.

10. Unbeatable Mind: Forge Resiliency and Mental Toughness to Succeed at an Elite Level – Mark Divine

Another mindset book. Business is not always going to be easy or take the intended route. This is when you need to have the determination to see your plans through to success. This book shows you how to develop the mental toughness to make this happen.

11. The E-Myth – Michael Gerber

The classic on ‘procedurising’ your business and creating a structure that doesn’t need you to survive. The simple secrets inside this book can transform any business from hardship to joy.

12. Tools of Titans – Tim Ferriss

There are few books that take the learnings for so many exceptional people and puts them at your fingertips. This is one such book that packs a lot of business and life learnings between the covers.

13. Predictably irrational: The Hidden Forces that Shape our Decisions – Dan Ariley

Although we like to think logic and rationality rule our world emotion is by far the more powerful influence. Understand this in the context of business and you are well on your way to understanding why people make the decisions they do and how to best profit from them.

14. Extreme Ownership – Jocko Willink and Lief Babin

Moving beyond blame is tough. This book illustrates the ownership of the problem and the environment is a key to success in the military or in business. It is a path few will elect to take voluntarily, however more may do so after reading this.

15. Peak Performance: Elevate your game, avoid burnout and thrive with the science of success – Brad Stulberg

Success is largely about developing a winning system. This book show you how to approach that pragmatically. If you want to see results use this book to help you build the system.

16. Blink: The Power of Thinking Without Thinking – Malcolm Gladwell

The older you get the more experience you get. This experience is aggregated in your ‘gut feel’. Trusting your ‘gut’ may not appear rational but this book will help you understand why it is in fact your best option in many cases.

17. The Now Habit: A Strategic Program for Overcoming Procrastination and Enjoying Guilt-Free Play – Neil A. Fiore

Plenty of great productivity learnings in here that help you take action. It shows you how to focus on the right stuff in the right priority. Even if you are not a major procrastinator there is plenty in this book that you can take away.

I do need to dedicate more time to reading in 2019 but have struggled somewhat in 2018 due to the number of dud reads that appeared worthwhile. That’s the challenge of finding those real gems and hopefully my list give you some inspiration to try a few from my list.

Let me know what you think. Do these work for you? What’s your top business reads? I’d love to hear.

Live Write issues posting images to Blogger

Open Live Write is currently unable to post images to Blogger. An error 400 appears when posting. I’m not the only one having the issue as evidenced here:

https://github.com/OpenLiveWriter/OpenLiveWriter/issues/786

and on Google

https://productforums.google.com/forum/#!topic/blogger/nJbedfynH7o

Appears to be an issue with the Google side of things.

Hopefully, we can get someone to look at this so I won’t to keep using sign language here!

CIAOPS Techwerks whiteboard training–Sydney 31 January

I’ll be hosting an all day focused, hands on, technical whiteboard training session on Microsoft Cloud technologies (Office 365, Microsoft 365, Azure, etc) in Sydney on Thursday January the 31st 2019. The course is limited to 15 people and there are still a few places available if you wish to attend.

The content of these events is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into Intune, security and PowerShell configuration and scripts, however that isn’t finalised until the day.

The CIAOPS Techwerks events are run regularly in major Australian capital cities, so if you can’t make this one or you aren’t in Sydney on that date, stay tuned for more details and announcements soon. If you are interested in signing up please contact me via emails (director@ciaops.com) and I can let you know all the details as well as answer any questions you may have about the event.

I hope to see you there.

Using multiple authenticator apps with a single Microsoft 365 user account

One of the best ways to ensure an account is secure is to enable Multi Factor Authentication (MFA) for it. This means, the user logs in as normal with their username and password but before the login process is complete they must enter another form of verification. That form is typically via an SMS, Phone call or an authenticator application on their mobile device.

The best practice with Microsoft 365 is to use the Microsoft Authenticator app, which is available on both iOS and Android. Here’s an overview video:

The way that you set up MFA for a Microsoft 365 account is to login to the Microsoft 365 portal as an administrator and navigate to the Admin center.

Then do a search for MFA as shown above. One of the returned results should be Azure multi-factor authentication settings as shown, which you should select.

You should be aware that here you are configuring Multi-Factor Authentication for Office 365 which is a subset of all the features available in Azure Multi-Factor Authentication. You can see the feature comparison here:

MFA version feature comparison

All versions of Office 365 and Microsoft 365 come with Multi-Factor Authentication for Office 365 the more advanced Microsoft 365 plans, such as E3 and E5 come with Azure Multi-Factor Authentication. The discussion here is focused on Multi-Factor Authentication for Office 365 and this applies to all plans.

After selection of that option, a notification should now appear from the right of the windows. Select the Manage multi-factor authentication link that appears as shown above.

This should take you to a list of your users as shown above. This will show the MFA status of each user. The above shows you that Alex Wilber currently has an Enforced setting, while everyone else has Disabled.

Select the user you want to enable on the right and then select the Enable link on the right as shown.

You should now see the above message. Select enable the multi-factor auth button to continue.

After a moment or two, you should receive confirmation that MFA is now enabled for the account as shown above. Select the close button to continue.

As shown above, you will now see that the status of that user is now Enforced. This means that they have yet to complete their MFA enrolment. Once they have, their status will change to Enabled.

After the user enters their login and password into the Office 365 tenant the next time they login, they will see the above message telling them they basically need to enrol in MFA.

They should now see a screen like that shown above. In this case we are going to use a Mobile app as a means of authentication so we select that option from the top box. In the, How do you want to use the mobile app? box select Use verification code. This will request the user to end a unique code from the authenticator app to verify their identity during login. There is also the option to receive push notifications BUT if you are going to be using multiple authenticators then best practice is not to do this, and I’ll detail why further down when I talk about the scenarios where this multiple authenticator environment can be used. For now, select Use verification code and then the set up button underneath.

You’ll now see a QR code like shown above that you can use with your Microsoft Authenticator app. However, using this does come with limitations.

Firstly, this method doesn’t support third party authenticator like Google Authenticator or Lastpass Authenticator.

If you try to use those you’ll get an error like you see above and be unable to configure the third party authenticator.

Secondly, if you try and use the same QR code on another device running a second Microsoft Authenticator app then you’ll see the above error, basically telling you that the QR code has been used before (which it has).

The trick to overcoming both of these limitations is to select the link Configure app without notifications to the right of the QR code as shown above.

When you do so, you’ll get a new QR, that looks very similar but has different wording a link.

You can now use this QR to set up multiple Microsoft Authenticator apps on different devices as well as third party authenticators. You may also want to take a screen shot of this QR code for future reference if you wish to set up or reconfigure authenticator devices in the future.

Some considerations here. All devices you now use with this QR code will configure the same identical sequence of rolling numbers for authentication. Thus, when you configure multiple devices this way you’ll see that the pin numbers will be identical on all devices and will change more or less at the same time. What you have effectively achieved here is a duplication of the MFA token for that user. Is that a good thing? Best practice is to only have ONE and only ONE authenticator per account but there are scenarios I will illustrate later where having a duplicate is acceptable. However, please remember, the more tokens you have for an account, the less secure it is.

Once you have used the QR with all the devices you wish to use, select Next and then Next. You’ll then be prompted to enter a verification code from any of the devices (as they all show the same code now anyway) to verify the account set up. Enter the code and continue.

You’ll then need to enter a phone number as a fall back option. Select the Next button when this is complete.

You’ll then see a single app password you can use if needed, but best practice is that you shouldn’t be using these so select the Done button.

Now when the user logs in to Microsoft 365, they’ll enter their login and password as before but then also be prompted for a code from an authenticator. If you have duplicated the authenticator as shown above, the code on the devices will be the same and thus all you need to access that account is any of the devices just configured.

So where might a duplicated authenticator make sense? Perhaps as an administrator of a tenant I move between different locations and devices. Or perhaps I want to have the same code for everyone using authenticators for access. Perhaps different people need to read me the code from an authenticator on their device. There are scenarios where duplicated authenticators may make sense, so it is an option if needed.

Duplicating authenticators is probably ok if there is only one user accessing the account, but what happens when multiple need to access the one account using MFA? They should use a unique authenticator as best practice I would suggest.

To set up multiple unique authenticators (rather than just duplicates), complete the above process but just for a SINGLE authenticator app. Again, it is recommended not to enable push notifications and just use a pin code entry. Once the single MFA has been configured for the account, login to that account using MFA. Select the user icon in the top right of the screen. That should display a menu like shown above. From this menu, select My account.

In the window that appears, locate the Security & privacy section and select the Manage security & privacy button.

Now select Additional security verification at the bottom as shown above.

This will display two additional options as shown. Select Update your phone numbers used for account security.

This should display the above options, where you can configure the MFA settings for the account. At the bottom of this screen you will see that there is already one Authenticator app, which is the initial one configured for the account. To add a second independent authenticator tied to this account select the Set up Authenticator app button as shown.

This should display the now familiar MFA configuration window as shown above. The default option will be for push notifications. This means that any time the account logs in a push notification will be send to ALL the authenticator apps configured to this account whether they have been set up as duplicates or separate authenticators. As mentioned previously, this option also only allows a single Microsoft Authenticator configuration and no third party options.

Thus, best practice is again to select the Configure apps without notifications link on the right to make more authenticator options available.

This will again give you a slightly different screen with a QR code to configure the authenticator device. Remember, here you are not duplicating the existing authenticator that was created initially, you are creating a separate independent authenticator app that is tied to the same user account.

When you have completed the configuration process for this authenticator you’ll again need to verify it as shown above.

When you return to the Additional security verification screen you will now see two authenticator apps at the bottom of the screen as shown above.

This might appear confusing, but in my example I configured two different authenticator apps independently on the same device (one Microsoft, one Google). If you configure authenticator apps on two different physical devices it should look more like the above where you can tell the difference between the devices. In my experience, if there is ever confusion or duplicates, the more recent configurations appear at the top of the list if you ever wish to delete one.

You may want to ensure that you DON’T select the option to Notify me through app, because doing so will send a push notification to all configured and supported apps for verification. If you have different people, all with their own authenticator app configured, on separate devices, you don’t want them all getting a notification when ANY one of them attempts to login to the account. Not only is it annoying, but any of the other devices can approve the login request, even though they didn’t initiate it. You can use the notification option for authentication if you wish BUT, use it with care and an understand of the risks it brings.

The above shows you that I have configured authentication on two separate devices (Android on left, iPhone on right). Note how the time is the same on each device, along with the account it protects. You’ll also notice that one device is using the Google Authenticator while the other is using the Microsoft Authenticator, just to show you that you can mix and match authenticators as you please. These are two independent authenticators tied to the one account as I have just shown you how to configure. Thus, if I now try and login to the configurated account, I use the one user name, plus the one password and either of the two numbers on the authenticators I have configured on these devices.

Now, where does this multiple authenticators to a single Microsoft 365 account make sense? The most common scenario is for IT resellers who need to support multiple customer tenants with multiple technicians securely using MFA. A typical scenario would be to configure a single management account in each customer’s tenant that is a global administrator for the tenant. That account would have an initial MFA authenticator enabled during set up. Then, for each technician who needs access, each of their personal devices would also be enabled for MFA on that same single customer admin account using the process I detailed above. Thus, the admin login details would be shared amongst the technicians along with the password BUT each would use their own authenticator app to gain access to the customers management account. Thus, each technician use the same username and password to access the account but a unique MFA pin code that is generated on their own personal device and is unique to them.

In the event that a technician leaves, the IT reseller could merely remove that technician’s authenticator app from the customer’s admin account and probably change the password and re-share that updated password amongst the remaining technicians. In an environment with lots of tenants and technicians, manually doing this would be time consuming. I’d be confident that this process could be scripted using PowerShell but can’t say for sure until I look at that in more detail. Stay tuned. But at least you can have multiple technicians accessing multiple shared accounts with their own unique MFA authenticator app.

So there you have it. Yes, it is possible to have multiple authentication apps providing MFA to a single Microsoft 365 account. Yes, it is possible to achieve this with both Microsoft and third party authenticator apps. Yes, it is possible to have duplicate and independent authenticator configurations for one account. And finally, YES, it makes an account LESS SECURE by having multiple authenticator apps configured against a single account, so use with CARE and THINK before you implement.

My Apps – 2019

I will happily admit that I am not a big app user. I have a number of keys apps that I use all the time and many that I test. However, the ones I test normally don;t last long and get deleted. I like to keep my devices as clean as possible rather than being filled with lots and lots of random apps.

To see what I was using at the beginning of last year check out the article:

My Apps – 2018

My most used apps on mobile devices over the last year were:

Podcast Addict – for all my podcasts. Easy to use, listen and update as well as working in the car thanks to Android auto.

Google Authenticator – used to provide two factor authentication for access to Google accounts as well as for Lastpass password manager.

Microsoft Authenticator – I use this for a number of select web sites as well as Office 365.

Android auto – connects to my daily drive to provide the ability to listen to podcasts (via Podcast Addict) as well as use Waze for navigation.

OneNote – is a must on every device I own. Syncs all my notes to every device. Allows me to not only truly have my information everywhere I am but also capture information quickly and easily.

Office Lens – available on all platforms. Allows capturing of information such as documents, whiteboards, etc to OneNote. I have written about the importance of this app previously:

A mobile device must have

Tripview – One of the few apps that I have happily paid for. I use this to let me know the Sydney train schedule to help me get around when I need to negotiate the ‘real world’.

Audible – If I can’t read my Kindle then I can normally always listen. This app allows me to listen to my audio books where ever I am.

Amazon Kindle – If I don’t have access to my Kindle then I can still read my books. In my case that will most likely be on my iPad. I also use the Kindle app on the iPad when the ebook has a lot of images that sometime don’t display well or are too small for the Kindle device.

The following as currently only iOS:

Oak – For mindfulness, breathing and meditation

Rode Reporter – which I use for recording many of my presentations when I am out on the road.

Of course I have all the social media apps, such as Twitter, Linkedin and Facebook on my devices.

I also have all the Microsoft/Office 365 apps. The ones I use the most are probably To-Do, Outlook, SharePoint, OneDrive, Teams and Yammer, although Word and Excel also get used regularly. Just about every Microsoft Office 365 service has an app that you should have on your mobile device.

I’ve also added the Intune app to all my devices so they can be better managed.

I use the Microsoft Next Lock Screen on my Android device.

Some occasional ones I use include:

– Meetup

– Pocket

– Duolingo

The above are my used apps across my various mobile devices. I certainly use a wide variety of apps on my devices by prefer the desktop versions if available simply because my finger are too fat and my patience too short to be productive for long stints on mobile devices. My kingdom, my kingdom for a full keyboard and screen I cry.

Become Microsoft 365 Certified with CIAOPS

I’m pleased to announce that I’m taking all of my experience as a Microsoft Certified Trainer and learnings with Microsoft 365 and creating a 7 week intensive study program dedicated to helping people pass the recently announced Microsoft MS-100 certification exam.

In broad strokes this exam covers:

– Design and Implement Microsoft 365 Services

– Manage User Identity and Roles

– Manage Access and Authentication

– Plan Office 365 Workloads and Applications

The CIAOPS program will provide 2 hours per week of presented content (lecture + lab) as well as additional content each will be expected to completed and submitted prior to the next week. In my experience, having ‘required homework’ is the best way to ensure that you are learning the content. All the material will be available in a downloadable portable for access on demand (including presented content). Having the material on demand means that you can attend this course even if you can’t make the live sessions.

This program is limited to a maximum of 15 students and is filling fast, so if you want to take advantage of this round then please contact me via email (director@ciaops.com) to express your interest. The cost for anyone not in my CIAOPS Patron program is AU$399 inc GST for all the material.

You may want to read my thoughts on why I believe certification is becoming increasingly important with the cloud:

The benefits of certification

Stay tuned for more certification training programs like this that will be available from the CIAOPS.