Last year I wrote an article about:

Core Professional Skills

which are still valid and I encourage you to go and read that article as well as this one.

For this article I want to focus on the more specific core skills for IT Professionals working with Microsoft Cloud Technologies such as Microsoft 365, Office 365 and Azure.

PowerShell

Being able to use PowerShell comfortably in today’s Microsoft Cloud landscape is mandatory I believe. There is so much that you can only do using PowerShell as well as it being the way to be more efficient when managing multiple environments. I am not saying however, that you need to become a developer or start using something like Visual Studio. As I often say, to be proficient in PowerShell you really only need two commands – Ctrl + C and Ctrl + V.

PowerShell allows you to easily take what others have created and run it or improve on it. I fully appreciate however, that getting up and running with PowerShell can be challenging, especially with so many services. With that in mind I wrote this article:

Microsoft Online PowerShell Setup/Update scripts

that will help you get up and running quickly. In fact you’ll find a whole swag of my scripts freely available at:

https://github.com/directorcia

Ensure you check back there regularly as I constant update and add more scripts.

The best way to become familiar with PowerShell is to use it! If you are doing things using the web interface, try replicating that task with a PowerShell script. Yes, it might take a little longer initially, but once you have the script you can re-use it over and over again. That’s one of the benefits of scripting.

PowerShell skills are not merely limited to the cloud, just about every Microsoft product support PowerShell in some form. That is a big differentiator when considering suppliers. For example, if you become a CIAOPS Patron, you get access to a best practices script that I have created and configures over 20 different items and services in a tenant to make it more secure and easier to use. You couldn’t do that easily with different vendors.

An investment in PowerShell as an IT Pro is simply a ‘must’ for anyone who wants to remain relevant in the Microsoft world going forward.

Identity

Understanding identity is something few IT Pros really have a good grip on in my experience, especially when it comes to the cloud. In short, there has to be a single master source of user identity somewhere in the environment. On prem, that was typically the domain controller. In the pure cloud that is Azure AD. However, things start to get complicated when you are talking about Azure AD Connect syncing and stuff like ADFS. This can place identity in multiple locations BUT the master is still in one place (on prem for both again). Now add to the mix things like Azure B2B and B2C, where is the master identity now? Further, add Azure AD Premium and enable attribute write back. Again, where is the master identity? Now add device management with the likes of Intune and you see pretty quickly how all of this stuff depends on identity. Get that wrong and stuff just doesn’t work.

You soon see that identity can involve a lot of moving parts very quickly. However, there are still basic principles that it conforms to, but in my experience few IT Pros seem to know these. Without these basic skills you are going to really end up chasing you tail when troubleshooting or potentially creating security holes during configuration.

Start with understanding the basic three Microsoft Cloud identity models – Cloud only, Synchronised, and Federated. Understand what the fundamental differences are between on premises AD and Azure AD (and there are plenty). Once you have a good grip on that start adding options like B2B, B2C, Azure AD Premium and so on.

Understanding how identity works in a hybrid and mobile world is critical for many aspects today and no more so than security. Spend the time and learn the basics and you’ll greatly reduce the chance of over sights or misunderstandings.

Use the stuff you sell

Another things that constantly amazes me is the number of IT Pros who DON’T use the services like Office 365 they actually sell to customers. Many still use on premises mail servers! Yes, there is an investment to be made coming up to speed with a range of new technologies but the best way to do this is to use them every day and learn in small increments. Simply ignoring them is merely kicking the can further down the road and making the mountain to eventually climb that much higher.

Sure, everything in Office 365 may not be relevant, but IT Pros should know something about everything on there. They should have some very basic idea of what the service does and how it could potentially help their customers. They don’t need to be an expert in it. If need be they can delegate that off to a partner who specialises in that particular service. Office 365 is now so large that most can’t, and shouldn’t do everything. However, they should always have the option to refer a colleague who can help if asked by a customer for anything they don’t know about because sooner or later the customer is going to ask what that service they have no idea about does. Not even knowing the basic of what it does looks really bad.

Some of the services in Office 365 you’ll probably need to play with and work out how they can benefit a business. This make it easier to sell and support customers. A recent good example I saw was a large Microsoft reseller business sending out surveys using the free version of Surveymonkey! Sure Surveymonkey can do the job but what about using Microsoft Forms and then integrating that with Microsoft Flow for automation, because the survey task doesn’t end with just collecting responses now does it? I’ve built a number of automated services in my business using Microsoft Flow, many of these I can sell to customers to also help streamline their business. What about things like Power BI and what it can do, etc, etc.

Every service in the Microsoft Cloud provides the potential to offer services around and therefore generate revenue. You don’t make money doing what everyone else does (i.e. migrating emails), that is a commodity market. You make money doing what few others can or want to do. The more work it takes to get into that area, the less competition there is and will be and higher the margins. That’s just simple business investment mathematics for you.

The opportunities inside the Microsoft Cloud of Office 365, Microsoft 365, Azure, etc are endless yet I see the majority of resellers doing almost next to nothing with these services themselves. Selling and supporting the stuff is so much easier when you actually use the stuff! Most partners also get the stuff from Microsoft for free. Go use it! NOW!

Become certified

For those that need some sort of syllabus to follow to learn the Microsoft Cloud I would suggest you consider completing the new certifications that are available for both Azure and Microsoft 365. I have written about

The benefits of certification

in the above article. It is not about getting a ‘bit of paper’ it is about using them as a focused way to learn the products, with the added benefit of being able to prove that you know your stuff.

I see that such certifications are going to become a real point of differentiation going forward. Office 365, Microsoft 365, Azure and the like are now common services that anyone and everyone can purchase and access. Thus, many believe they know what they are doing with these services but few really do. The only real way to get an independent verification of this knowledge is going to be via certifications.

I have been called into help so many customers with absolutely criminal Microsoft Cloud configurations done by some so-called ‘cloud guru’ who clearly had no idea at all of the products or what they were doing in any way shape or form. Many customers are becoming far more cautious about whom they trust their cloud services to, as they should be. They should really be asking questions about the experience and knowledge of those working with these systems. Ask yourself, how can you truly and honestly demonstrate your knowledge and experience with the Microsoft Cloud? If you can’t, then certifications maybe an option worth considering.

Above all else, I believe certifications provide a structured learning path and testing of your knowledge. You shouldn’t be afraid of failing a certification exam, you won’t die. Believe me you won’t. I haven’t and I’ve failed plenty of exams! See it as a way to confirmed your knowledge in a controlled environment. Personally, I’d rather find out that my knowledge wasn’t as strong as I thought in an exam rather than in the heat of battle. See certifications as a primary way to verify and expand your knowledge while reinforcing your commitment to professionalism in your chosen field.

Security starts at home

There is little doubt that IT security is now a big thing in the age of the cloud. Everyone is so dependent on IT systems today. No matter what the size of the business, IT security matters! Bad actors are smart operators. They know where Aladdin’s cave is typically located, inside an IT business. Why? Because inside an IT business is normally the keys to many, many other systems. If they can get in here, then the rewards can be enormous. That means IT Pros and IT businesses are big and enticing targets to crack.

If you are IT Pro, ask yourself whether you take security seriously. Are all your devices, phones, computers, files, etc encrypted at rest? Are you using MFA everywhere you can? Do you have good and unique passwords. Do you have alerting set up on your own environment? Have you reduced the surface area for attack as much as you can? Where is your documentation? What is your disaster recovery plan in case of internet outage, power outage, building inaccessibility, etc.

Unfortunately, my experience is that many IT Pros don’t have good best practices when it comes to security. They don’t follow industry best practices. They don’t have a good understanding of attacks and vulnerabilities and tend to give security best practices a low priority over getting the job done. For example, creating full admin accounts just to get something working or overriding security just to get a PowerShell script running. Yes, more security is painful, but that’s the idea. You want to make it as hard as you can for the bad actors.

Take a good hard look at all your systems and ask yourself if they are as secure as they could be. You’ll have to ask this question over and over again because the landscape is constantly changing. The price of security is eternal vigilance. Have you got things like Protection alerts enabled? What about Activity alerts? Activity auditing? Most importantly, do you have a checklist which you use to enable security? If you don’t, why don’t you? Do things randomly, get random results or in this case vulnerabilities.

Yes, security is hard. Yes, there are lots of options. But this is exactly what the bad actors exploit. They exploit the simple fact that people don’t want to put in the effort to be secure. That lack of effort sooner or later results in real financial loss.

The best way to sell security is to implement throughout your business. Ask yourself regularly, is this as secure as I can make it? Once you are serious about security other will see that and understand why they should also be. If they don’t, even after you have shown them, why should you continue to deal with them? Perhaps those businesses are not ones you should be associating with, because we are all only as secure as the weakest link in the chain and the closer you are to the vulnerable system the more financial damage your business is likely to feel when something inevitably happens.

Take responsibility for IT security seriously. Start with your own systems and be the example why others should be as well.

Write stuff down

Whether you use pen and paper, OneNote, a blog, or whatever, there is NO WAY you can keep all this stuff in your head! My number one destination for information is OneNote for many, many reasons. It doesn’t matter what you use. Just use something!

The benefit of maintaining a blog is that firstly it is available everywhere there is the Internet. Next, it may in fact help someone else. If you are reading this then you have benefited from what I post publicly. That’s the power of blogging. Adding to the aggregated knowledge of Microsoft Cloud services available for free is a good thing. Your unique experience and situation many one day turn out to help someone else in need. Pay it forward, as they say.

Another benefit of a blog is that you can point people to it to demonstrate your knowledge and dedication to your craft. Even if your destiny is not as a business owner, having a regularly updated blog stands you out from all the ‘wanna –be’s’ out there claiming to be IT Professionals. You don’t have to be more right that everyone else, you just need to show you are learning. True IT Professionals NEVER stop learning. They are not afraid to try and fail because that teaches them what not to do next time.

Learning is the one skill that once mastered will serve you no matter what changes happen in the industry, in your profession or in your life. You become better when you learn something. You become great when learning becomes part of your daily routine. Remember, most people in this game don’t actually have a structured learning system. They react, scramble around, do internet searches until something random puts out the fire. As they say, do random things and you get random results. Winners have systems. Be a winner, build a system.

True IT Professionals take a professional approach to their business and career. They are proud of the work they do and look to push themselves to improve. They are always looking to improve, invest in themselves and add value while helping others. They are humble enough to appreciate they need to continue to learn in this profession and welcome the challenge of developing their knowledge of the products and services that are available. They are always willing to help others and recognise those that help them. But most of all, they embrace the challenge that that IT profession provides them.

You can take a look back at last year’s gear here:

My Gear 2018

there were/are some major changes happening with my assortment.

Pixel XL phone – still using this as a ‘secondary’ phone. It has all the Microsoft apps installed on it and is connected to my Office 365 demo account. Most importantly, it has the Microsoft Authenticator app for MFA access to my demo accounts in Office 365. Anther major app I use on this phone is OneNote for accessing all my notes.

I connect this phone in my car for navigation (Waze), Podcast (Podcast Addict) and have recently discovered I can also get Amazon Music there as well via the phone. An upcoming post will detail all the mobile apps I use on my devices for you.

This phone continues to perform all the tasks it needs to well and I have no plans to replace it in the near future.

Summary – No change, still in use every day.

Lumia 950 XL – This Windows Phone continues to work but is beginning to show it’s age and lack of support. My main use of this device is simply to make and receive calls, but of late I’m starting to get issues where this isn’t always happening for some reason. Now that may not be the phone, it may be the sim or the network, however I’m also getting more lock ups and random reboots. Nothing major, but painful when it happens. Would it continue to work as an acceptable phone only device? Sure, but is that really serving my purpose and providing the best benefit? I’m beginning to think not.

Thus, I think one of the changes I’ll need to make in 2019 is to finally retire this device and look at a replacement. Given that I already have a functioning Android phone my choice is probably going to be an iPhone. However, given the outrageous prices of iPhones I’m not looking forward to that day and am waiting for some sort of sale or discount offer to eventuate. I have also read that there will be new iPhones coming soon with better support for e-sims so maybe I’ll hold off until then. It is really just my aversion to paying THAT MUCH for a phone.

So sometime this year it will be bye, bye Windows phone and hello iPhone (as well as bye, bye many dollars unfortunately at the same time).

Summary – will probably be replaced by iPhone sometime in 2019 once I can bear the cost of doing it.

Surface 3 and 4 – Are both working well. I use the Surface Pro 3 as a travelling device and the Surface Pro 4 as my desktop. I am considering getting a new travelling device or maybe a new desktop device, say a Surface Pro 6, and using the Surface Pro 4 for travel. I considered maybe a Surface Go as a new travelling device but decided it would not be powerful for what I need.

Looking a Surface Pro 6 brings into question what specs? I certainly don’t need a lot of local storage any more so a 256 GB SSD is fine. That storage capacity then limits me to 8GB of RAM, which I think is also fine. The final choice is an i5 or i7 processor. Since I’m going for a cheaper device here I’d look at the i5 processor as it does everything I need.

Some things to remember about buying a Surface. You’ll also need to add a keyboard and a pen. Doing so brings the price of such a device up to around AU$2,000! However, the biggest drawback is that these current generation of Surface Pro devices only come with Windows Home! On a Pro device? So, I’d now have also factor in an upgrade to Windows Pro as well. Now, that isn’t a huge issue but all up that is lot to pay for a desktop that I kinda really don’t need given the other two are working fine.

If you also couple that with the desire to get a new iPhone, the costs of hardware for both of those devices combined is approaching AU$5,000 which is madness for things I don’t really need urgently. Thus, I am putting both of these on hold until there is a more burning need for them. If a I see a good deal appear for either of these devices I might jump in, but man, that’s a lotta dollars for computers eh?

Summary – considering a Surface Pro 6 to replace Surface Pro 3 but need a practical and rational reason to make immediate change.

iPad – One of the other reasons I was considering a Surface Go was as a pure writing device to totally replace the pen and notebooks that I have. I have wanted to go totally paperless for years but never found the right device. The Surface Go was a contender but once you added all the bits, it became too expensive and somewhat bulky.

I then decided to go with the bottom of the range iPad (WiFi only) and an Apple pencil which brought the total to around AU$500. The Apple pencil is a tad cumbersome and I would prefer something about half the size. I like that it is re-chargable, which the Surface pens aren’t, but that isn’t a huge issue. The Apple pencil does write well but I see no real difference to a Surface pen in that respect but the Surface pen wins on form factor if I was to make an ergonomic choice.

Another reason for the new iPad was my original iPad 2 is now no longer able to be upgraded to new versions of iOS and has become quite slow. So my thinking was to get a new personal iPad device and repurpose the older iPad for testing. The last thing I need to do before I can fully repurpose the older iPad is move the Google Authenticator app off it to another device. That is going to be a major pain that I have so far put off but will need to be done sooner rather than later.

I’m now using this new iPad for anything to do with writing, business and personal. This new device has probably had the biggest impact on the way I do things in the last 12 months.

Summary – new basic iPad is now a central part of my daily routine. Old iPad 2 soon to be repurposed for testing.

Ubiquiti – After having a consumer grade WiFi setup for ages, and after some connectivity issues (which turned out not to be the WiFi after all) I decided that my whole setup needed upgrading. My greatest concern was that the consumer gear firmware was not being upgraded and that would potentially increase my risk, so it was therefore time to upgrade.

After reading Troy Hunt’s post on Ubiquiti and watching his free online course as well, I decided that I wanted something similar. I thus invested in:

– Security Gateway

– UniFi Switch 8 (150W)

– UniFi nanoHD WiFi access point

– Cloud Key Gen2 Plus

I left my old router in place but disabled the WiFi access point and simply use it as a pass through now. I then connected it to the Security Gateway, connected everything else up behind the gateway and then configured it all from a web interface. Very, very impressed with the results. Super simple install. Easy to update the devices and great metrics on usage, devices and so on. Highly recommended.

One of the items that I am considering for 2019 will be a Ubiquiti camera like this:

G3 micro

Again, not really a must have but I can see benefits of having one of these device to monitor things when I’m not there.

In theory, the Australian high speed National Broadband Network (NBN) was supposed to be rolled out to my location in December 2018. I hope that it isn’t too far away so I can complete the final part of the upgrade of my infrastructure and finally get some real high speed connectivity in place. I can’t wait.

Summary – very happy with major upgrade of my networking systems to Ubiquiti gear, with potentially a camera to be added. Awaiting roll out of NBN to complete project.

Docking station – Initially, I though that the cause of my connectivity issues was my old consumer grade WiFi but it turns out that the network port in the my existing Kensington USB 3.0 Docking Station SD3500v was becoming flaky. Problem was the docking station drives a lot of things besides my wired networking, like multiple monitors. The temporary solution was to just unplug the wired connection and go wireless with the Surface Pro 4. The longer term solution is going to be buying a new docking station.

The replacement is going to be:

Kensington SD7000 Surface Pro Docking Station

Unfortunately, there doesn’t appear to any here in Australia at the moment, so I’ve also added that to the 2019 wish list as a priority.

Summary – Kensington SD3500v has flaky network port and will thus probably be replaced with Kensington SD7000.

WD Sentinel DX4000 – I’d also like to upgrade this device as the installed Windows Server 2008 R2 is going into end of life. I’d like to be install Azure File sync on any device and that means Windows Server 2012 R2 or better. I don’t think that it would be a good idea to do an in place upgrade of the equipment, so new infrastructure seems to be required.

Now if I go for a new on prem server, do I get something a bit bigger that can actually function like a ‘normal’ server so I can do more testing? Like I said, I’d really like the ability to install additional software on there but all these wants increase the price. Maybe, I just leave the existing server in place but get a new ‘front end’ box to do what I want?

I still rather undecided on what to do here. Again, the existing server is doing its job well and suits my needs, however having some additional flexibility would be nice, especially for testing hybrid configurations. For the time being I’ve decided to put this on the back burner but would like to do something in 2019.

Summary – on the back burner to upgrade or replace.

Fitbit – The old Fitbit recharging port on the unit has become so broken that the charging cable will no longer attach to it. The cost of replacement items is too high in my books and I really don’t want another watch as I like my analogue one. Having used a Fitbit for many years, I have a lot of accumulated data that I’d be forgoing if I went to another device. However, on the other hand, how often do I look at that data? Rarely, if I’m honest.

The most likely replacement is probably going to be the Oura ring, which I really like all the metrics around it. Now the challenge is I need to get my finger measured to find the right size. Oura does ship a sizing kit that allows you to check the size using plastic mock ups before you confirm but you still need to purchase the whole unit first.

Being a few hundred US$ doesn’t make this item cheap. Being that I also REALLY don’t need this item I’ve still in the due diligence phase, making sure that it is the best investment for my money as I know there are other devices out there. So again, probably something I’ll get in 2019 but no real rush as yet and as yet I’m not 100% sold given the cost.

Summary – Fitbit has died after a long and productive life and it looks like the Oura ring will be the replacement.

Amazon Kindle – In use every day, no change. One of the best devices I have ever invested in.

Xbox One S – Twelve months old now and use it mostly to watch videos on Amazon Prime or YouTube. Play the occasional game when the mood takes me. Makes for a good distraction when the need arises.

Summary – mainly used as a consumption device with some gaming. No change or updates expected in 2019.

My major hardware investments in 2018 where new Ubiquiti networking and a new basic iPad to replace all paper notebooks. On the cards for 2019 are probably a new iPhone, Oura ring and docking station. What also will probably eventuate is a G3 micro video camera, new on prem server and maybe a new Surface Pro.

Let’s see what 2019 brings.