CIA Brief 240113

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week.

My Tech Books – 2024

Tech is as much a lifestyle choice these days as it is a career. The geeks and nerds have risen to rule the world. Don’t believe me? Ask Bill Gates and Elon Musk! Sometimes it is good to step back and take a wide look at how technology has changed the world we live in – for better and worse.

To see my list from last year visit – My Tech Books 2023

My selections below, both fiction and non fiction, I have found to be enjoyable and thought provoking in many different ways and I recommend them to everyone who is interested in tech.

Mentions from 2022

Doom Guy: Life in First Person – John Romero

Pegasus: How a spy in your pocket threatens the End of privacy, dignity and democracy – Laurent Richard

Tracers in the Dark: The global hunt for the Crime Lords of Cryptocurrency – Andy Greenberg

You can follow all the books, tech, business, non-fiction, etc that I read over at Goodreads. You can view my activity here:

https://www.goodreads.com/director_cia

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone? This book has become so popular that there is now a movie. Believe me, the book is better.

4. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers – Andy Greenberg [Non-Fiction]

This is a great book if you are interested in IT security. It is also a very current book which makes it even more engrossing. It is easy to read and quite comprehensive in its approach, not only dealing with the technology of security attack but also the geopolitical reasons and consequences.

It reveals that shadow world of nation state cyber attacks and illustrates how they are happening today and likely to increase in the future. The connected world of the Internet has brought us many benefits but it is now increasing risks as our dependencies increase to the point that there are few manual backups that don’t depend on technology.

I think this book is a real glimpse into the future and what we may be in store for in the even of rising global conflicts. If you like tech, you’ll love this!

5. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

6. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

7. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

8. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

9. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

10. This how they tell me the world ends: The cyberweapons arms race – Nicole Perlroth [Non-Fiction]

Highlights the challenges that society has created, mainly from its’ own doing and questions of how we go about fixing this so we don’t end causing infinite harm to both intended targets and unintended victims.

Defender for Office 365 Anti-phishing policies can protect externals as well!

My experience with most Microsoft 365 environments I see is that they fail to make use of all the features that are provided. None more so when it comes to security. For example, most people don’t seem to appreciate that the Defender for Office 365 (which is part of Business Premium) provides impersonation protection for internal AND external email addresses! It just needs to be configured. The details are here:

Impersonation settings in anti-phishing policies in Microsoft Defender for Office 365

and as it says there:

You can use protected users to add internal and external sender email addresses to protect from impersonation.

but it is important to note:

User impersonation protection does not work if the sender and recipient have previously communicated via email. If the sender and recipient have never communicated via email, the message can be identified as an impersonation attempt.

This means, you want to get the configuration of important external email addresses in place as soon as possible so any impersonation against those users can be evaluated. It is too late to do after an internal user is communicating with a scam (impersonated) domain.

You will also see that you can also configure protection for external domains, rather than just specific email addresses, for impersonation evaluation.This means that if the users inside the tenant deal with an important business that has its own email email, that is NOT part of that tenant, you can enter that domain in here. Makes a lot sense when you are working with a business regularly that is doing stuff like invoicing, e-commerce or the like (honestly anything at all really).

Let’s say that I work with a business who’s domain is ciaops.com. By enabling this impersonation protection early, if users in the tenant receive email from c1aops.com then it is far more likely to be detected because the system is looking of for spoofing of that custom external domain I entered in the policy.

Thus, if you have Microsoft Defender for Office 365 in your environment (and you do if you have Microsoft 365 Business Premium), then you can provide an extra level of protection by configuring the Anti-Phishing policy for impersonation settings for both your important internal AND external usera and domains (i.e. people and businesses you work with regularly). You should do that as early as possible to provide the maximum protection the policy can provide. They key is that someone has to add in the unique email addresses or domains into the policy, they are not added automatically, even internal email address. They ALL have to be added to the policy.

You can protect up to 350 unique email addresses and 50 unique domains, which is probably more that enough to cover everything a smaller business would need for internal and external users. Unfortunately, I rarely see this great capability enabled. It’s available if you have Microsoft Defender for Office 365 so go configure it and reduce the risk to the users in the tenant. Easy!

My podcasts 2024

desk-music-headphones-earphones

You can find the previous year’s selection here:

My podcasts 2023

I do spend a lot of time listening to podcasts, generally in between things, like travelling. However, there is a limit to how many you can consume in a week and that’s why I need to be very discerning about what I listen to.

Regulars

These podcasts are ones that I generally won’t miss an episode of.

Windows Weekly

The latest Microsoft news with some fun and entertainment along the way. Paul Thurrott’s musing make this podcast alone something worth listening to. I still miss Mary Jo Foley I will admit and the show just isn’t as good or enjoyable. It seems the new co-host in Richard Campbell really only talks about whiskey, which doesn’t interest me. Unfortunately, I’m find Windows Weekly to be much more ‘ranty’ than it used to be and largely just the Thurrott show.

The Tim Ferriss Show

Some really great advice, business insights and strategy. Also lots of life lessons that I have found work really well for me. A weekly must listen for me. Some, I do skip through and some can be quite tough to get through because they are so long, but a worthwhile investment of my time. I am finding these shows are getting longer and longer making them hard to squeeze in.

Hardcore History

These tend to be quite long, like reading a book, but a very good and very interesting. Luckily, they are not that frequent, so it can make a nice change from all the tech stuff. There hasn’t been much content here of late which is disappointing.

The Intrazone

All the latest news and information about SharePoint, OneDrive for Business, Teams and more directly from Microsoft. Pretty short, which makes it easy to consume. Can try a bit hard to be ‘fun’ at times but good way to stay up to date with the Microsoft collaboration news.

Sync Up

A podcast focused on the Microsoft files experience around OneDrive from Microsoft. More content has dropped but they seems to spend so much time at the beginning of the ‘learning’ about the guests and what do they like etc. I’d really prefer they just get into the content. I’m here for that not, not to take a deep dive into the personalities.

Darknet Diaries

Really well produced cybersecurity focused podcast. Has a nice variety of topics and the content is good and well researched. If you enjoy the security side of IT you’ll love these episodes. Seems to me that Jack has run out of content for these for the time being. recent episode have deviated away from main theme in my opinion. Less regular episodes and the topics are becoming broader, which isn’t necessarily a bad thing but the context has changed.

Once off podcasts

Think of these more of a book you’d read or a TV show you’d watch.

The Lazarus Heist

Another well produced podcast from the BBC that follows the trails of and attempt to steal and launder billions of dollars. Apparently, additional episodes are coming later this year. If you like Darknet Diaries, you’ll like this.

I churn through these mostly at 2x speed to allow me to get through as much content as possible. I do have a few other podcasts on my current podcasting app. I am always on the lookout for good podcasts business, technology, history, whatever. So if you can recommend something you like, I’m all ears. These days, if you have a topic of interested, you’ll find many podcasts you can listen to. Don’t be shy to try them and throw away ones that don’t suit you until you find what you like.

I’ve found that many podcasts have disappeared over the last year and I have been more judicious on what I spend my time listening to. It has to provide valuable information or be enjoyable to listen to and I have become much stricter on those criteria. I have a tried quite a few new podcast in the last year but none of them really stood up to my requirements.

Finally, of course, there is my own podcasting effort:

Need to Know podcast

which covers the Microsoft Cloud (typically Microsoft 365 and Azure) as well as business topics. I encourage you to have a listen and me know what you think. 2024 will be the fourteenth year that it has been available.

Hopefully, there is something of interest to you in what I listen to. Feel free to let me know as well as any recommendations you may have, as I said, I’m all ears!

On a side note, my preferred podcast app Castro has just died it seems, so now I’m the extended process of finding a replacement, which is proving painful.

My Tech videos 2024

My list for last year:

My tech videos – 2023

Documentaries

Blackberry – Official trailer

Power On: The story of Xbox

Easy to Learn, Hard to Master: The Fate of Atari

Zero Days

The Rise and Rise of Bitcoin

Movies

Issues with Microsoft Defender on iOS

I’m having issues with Microsoft Defender for iOS that I’m sharing here in case this may benefit others.

I think the root cause of the issue is that I have an EntraID account (production) and a Microsoft account (consumer) that are identical. One suggested solution is simply to rename the consumer account but I’d prefer not to do that if it can be avoided.

Here’s what typically happens:

My iOS device has Intune Company Portal App installed and I install Microsoft Defender manually from the iOS store. When I run Microsoft Defender I’m greeted by the screen above, which in this case only shows my consumer account.

The only option available is to sign up for a trial. This indicates that it doesn’t accept my production account which includes a license of Defender for Endpoint.

In other cases, I’ve see both my production and consumer account listed but it never seems to accept my production account when my consumer account is also present.

Interestingly, I get different results depending on whether I use an iPad or a iPhone.

On my iPad, I noted that I had both my production and consumer credentials in the Microsoft Authenticator app. I removed all the credentials so there was none. I reboot device, added ONLY my production credentials to the Microsoft Authenticator and then I was able to login to Microsoft Defender with my production account. Interestingly, this worked for a few days and then I had to repeat the process to get Microsoft Defender on my iPad logged back into my production credentials again.

The story is a little different on my iPhone. I didn’t want to remove my Microsoft Authenticator app but I did remove my consumer credentials from the Authenticator app, leaving just my production credential there. Even after a few reboots, I still wasn’t able to login to Microsoft Defender with my production account. Instead I logged into Microsoft Defender using a demo M365 E5 account I had. That allowed access and Defender was working.

A few days later, on my iPhone, Defender was asking for a login. I was now able to login with my production account and enable Defender correctly. However, I do notice that when I run Defender on the iPhone I see it switch out to Microsoft Authenticator and then switch back, as though it is checking my account. Since I have just managed to get Defender logged in on my iPhone with my production account I’ll need to see whether it ‘sticks’ or whether it prompts me to login again in the future.

In summary, as I said initially, the root of these issue come down to the fact that I have the same consumer and production identity and it seems Defender on iOS can’t differentiate. It also seems that Defender on iOS also interacts with Microsoft Authenticator in some way, also in different ways on an iPhone and iPad.

I’ll post more when I have done further testing.

My Business Books – 2024

Check out my recommendations from last year:

My Business Books – 2023

Honourable mentions that I read last year:

– Be Useful – Arnold Schwarenegger

– Die with Zero – Bill Perkins

You can follow all the books I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/review/list/708903-robert?shelf=read

Here’s my current top business books in order:

1. The Art of War – Sun Tzu

The all time classic on strategy. As relevant today as it ever was. A very short read but very deep.

2. The Millionaire Fastlane – M.J. DeMarco

I love the brutal honesty of this book. It doesn’t mince words about what it takes to shift from a pay check to actually living the life you want.

3. The Tipping Point – Malcolm Gladwell

The world is all about not what you know but who you know. This book explains exactly how this works and how to use it to your advantage. A lot of Gladwell’s writing have been called into question of late. Even so, putting aside the example he uses, I think the concept surfaced have great merit.

4. The Four Hour Work Week – Tim Ferriss

Many people believe this book is about shirking responsibility. It is in fact a blueprint for how to free up your time to do things you want and enjoy. It will challenge the way you look at your career. This book has become some what dated so ensure you get the latest revised edition. Again, I would suggest you read this and consider the 30,000 foot view of challenging many people pre-conceived concepts about career. The ability to do anything, anywhere these days has never been truer.

5. Secrets of the Millionaire Mind: Mastering the Inner Game of Wealth – T. Harv Eker

The successful are defined by a different mindset. This mindset can be learned. It can be trained. This is a great book to show you how to do just that.

6. Talent is over rated: What Really Separates World-Class Performers from Everyone Else – Geoff Colvin

Demonstrates that the best comes from implementing a system. Having a system allows you to focus on the right thing and do that work that is required. If you want to take yourself to an elite level, beyond just good, then read this book.

7. Book Yourself Solid: The Fastest, Easiest, and Most Reliable System for Getting More Clients Than You Can Handle Even If You Hate Marketing and Selling – Michael Port, Tim Sanders

You can’t survive in business without a steady flow of customers. Selling to people is the wrong approach, you instead need to attract them to your business. This book helps you achieve exactly that.

8. Profit First: A Simple System To Transform Any Business From A Cash-Eating Monster To A Money-Making Machine – Mike Michalowicz

Business is about making a profit. This then gives you the freedom to do what you want with that profit. This book helps you focus on profit and setting up systems to make the most of the profit you generate.

9. Barking Up the Wrong Tree – Eric Barker

Conventional wisdom does not always apply and in some case can actually be detrimental. Challenging what is taken for granted should be in the play book of everyone who wants to achieve at the highest level. Important lessons can be learned in the strangest places and form the strangest people. Have an open mind and you might be surprised at what you have believed to be bad in fact turns out to get just what you need.

10. Unbeatable Mind: Forge Resiliency and Mental Toughness to Succeed at an Elite Level – Mark Divine

Another mindset book. Business is not always going to be easy or take the intended route. This is when you need to have the determination to see your plans through to success. This book shows you how to develop the mental toughness to make this happen.

11. Mastery – Robert Green

Excellent read with lots of great strategies to take away. Excellence is not a talent it is a skill. That means that it takes hard work to achieve, but hard work is available to everyone, yet few choose the path. There is no secret to Excellence, it is something only time and effort will reward you with and iof you choose that path you’ll be one of the few.

12. Tools of Titans – Tim Ferriss

There are few books that take the learnings for so many exceptional people and puts them at your fingertips. This is one such book that packs a lot of business and life learnings between the covers.

13. Predictably Irrational: The Hidden Forces that Shape our Decisions – Dan Ariley

Although we like to think logic and rationality rule our world emotion is by far the more powerful influence. Understand this in the context of business and you are well on your way to understanding why people make the decisions they do and how to best profit from them.

14. Extreme Ownership – Jocko Willink and Lief Babin

Moving beyond blame is tough. This book illustrates the ownership of the problem and the environment is a key to success in the military or in business. It is a path few will elect to take voluntarily, however more may do so after reading this.

15. Peak Performance: Elevate your game, avoid burnout and thrive with the science of success – Brad Stulberg

Success is largely about developing a winning system. This book show you how to approach that pragmatically. If you want to see results use this book to help you build the system.

16. Blink: The Power of Thinking Without Thinking – Malcolm Gladwell

The older you get the more experience you get. This experience is aggregated in your ‘gut feel’. Trusting your ‘gut’ may not appear rational but this book will help you understand why it is in fact your best option in many cases. Again, take Gladwell’s examples with a grain of salt but the message is still relevant.

17. The Now Habit: A Strategic Program for Overcoming Procrastination and Enjoying Guilt-Free Play – Neil A. Fiore

Plenty of great productivity learnings in here that help you take action. It shows you how to focus on the right stuff in the right priority. Even if you are not a major procrastinator there is plenty in this book that you can take away.

18. The One Thing – Gary Keller

Multi-tasking is a myth. Focus is the key to success to bringing all your resources to bear in unison makes a hell of a lot of difference. Most people can’t do it, so those that can stand a much greater chance of success.

19. Deep Work – Cal Newport

Distractions are wasted energy and time that you’ll never get back. You’d be amazed at how distracting the modern world is. If you can minimise these distractions you can focus more and be far more productive.

20. The E-Myth – Michael Gerber

The classic on ‘procedurising’ your business and creating a structure that doesn’t need you to survive. The simple secrets inside this book can transform any business from hardship to joy.

Let me know what you think. Do these work for you? What’s your top business reads? I’d love to hear.

Some other business books that I read that may be worth considering:

– The Ideal Team Player – Patrick Lencioni

– Blue Ocean Strategy – W. Chan Kim

– Non-violent communication – Marshall B. Rosenberg

– Elon Musk – Walter Isaacson

CIA Brief 240106

Rerun queries in query history

Microsoft Datacenter Tour: Virtual Experience

SharePoint Roadmap Pitstop: December 2023

Enabling Microsoft Syntex PAYG

Experience AI-enhanced meetings in every Teams Room

Introducing a new Copilot key to kick off the year of AI-powered Windows PCs

What’s New in Microsoft Teams | December 2023

Get organized at work with Microsoft Loop

Copilot app for iOS

Copilot app for Android

Financially motivated threat actors misusing App Installer

Overview of multi factor authentication

After hours

GoPro: Best of 2023 –

https://www.youtube.com/watch?v=Yb2cX8qwCho

Editorial

If you found this valuable, the I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week.