Microsoft 365 incident response training

pexels-pixabay-69934

In early 2023 I’ll be running an incident response training course for Microsoft 365 environments. Training will held over four consecutive weeks. Each session will be two (2) hours and run from 9am Sydney time.The dates are:

Wednesday January 11th 2023 – Before an incident. What you need to do to prepare

Wednesday January 18th 2023 – During an incident. What you need to do when an incident occurs

Wednesday January 25th 2023 – After an incident. What needs to be done after an incident has occurred

Wednesday February 1st 2023 – Lab exercises and group best practice discussions

The sessions will be recorded and other materials from the sessions (checklists, etc) will be available to attendees afterwards.

This event will be conducted remotely via Microsoft Teams.

The aim of this training is to help you better prepare for a security incident inside the Microsoft 365 environment. You’ll learn what settings you should enable and what processes you should have in place before an incident occurs. The sessions will also take you through common examples of incidents and help you understand what needs to be done when they occur and how to minimise risk and impact to a business. The sessions will also take your through the post-incident process to build confidence with what information needs to be maintained and how to prevent similar incidents re-occurring. The final session will be a group hands on lab and discussion so you can put all the skills you have learned to the test.

The price for this event will be:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

You can learn more about the CIAOPS Patron community at www.ciaopspatron.com.

I hope that you’ll join me in January for this event as I believe it provides some much needed training in a very important aspect of managing and securing Microsoft 365. If you are serious about security for Microsoft 365, then you need a plan and this training will aim to give you just that plus some experience to boot!

You can register you interest in attending this course here – http://bit.ly/ciaopsroi after which I’ll be in contact with you to arrange payment and get you enrolled.

As always, if you have any questions about this training please email me on – director@ciaops.com.

I hope to see you there.

Techwerks 17

bw-car-vehicle

I am happy to announce that Techwerks 17 will be held in Melbourne CBD on Thursday September 29th 2022

The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or by sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender for Endpoint, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend in Melbourne is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to see you there.

Techwers 16

image

I am happy to announce that Techwerks 16 will be held in Brisbane CBD on Thursday August 18th 2022.


The course is limited to 30 people and you can sign up and reserve your place now! You reserve a place by completing this form:


http://bit.ly/ciaopsroi


or by sending me an email (director@ciaops.com) expressing your interest.


The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender for Endpoint, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.


Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.


The cost to attend in Brisbane is:


Gold Enterprise Patron = Free


Gold Patron = $33 inc GST


Silver Patron = $99 inc GST


Bronze Patron = $176 inc GST


Non Patron = $399 inc GST


I hope to also have a streaming option available as well. The costs for this will be:


Gold Enterprise Patron = Free


Gold Patron = Free


Silver Patron = Free


Bronze Patron = $33 inc GST


Non Patron = $99 inc GST


CIAOPS Patron information can be found here – www.ciaopspatron.com

I hope to see you there.

Bad guys keep winning (Part VI)

pexels-kat-wilcox-923681

I’m super angry about this, so be prepared for a bit of a rant. I’m posting this in the hope that it maybe found by others who maybe concerned about a recent call they received from the “Security Department of VISA and Mastercard” detailing fraud on their banking accounts.

My senior parents received a call from “Neil Spence” from the “Security Department of VISA and Mastercard” claiming there had been some potential fraudulent transactions from eBay and Amazon on an account. The total of these was around $400. He then asked whether they wanted them investigated and stopped. Of course they said “Yes please”. He then said he would transfer them to their bank to speak with someone to take action and block these transactions. During this process he provided a call back number 1800 829 403 (which turns out to be the number for the Australian Government Department of Aged Care Fraud hotline which is nothing to do with VISA. I also called and determined there is no “Neil Spence” their either) and a reference number SIP5010.

Now the ‘helpful’ person at ‘the bank’ they were transferred to, got them to provide all the account details (account number and balances) and made a great show of saying that this isn’t a scam because they were not being asked for the PIN to any accounts. The ‘bank’ said it would investigate.

A few days later the ‘bank’ called back and said they had identified that fraud had indeed taken place but by an employee of the ‘bank’ at the local branch they use. The ‘bank’ then said they wanted the help of my parents by catching the employee in act of conducting this fraud. To do this, my parents needed to go the bank immediately and make a cash withdrawal of just over $8,000 and then wait for more instructions. They were however told not to mention this at the bank branch otherwise it would tip off the investigation and allow the perpetrator to get away scott-free!

At this point it was determined that it was a scam but here’s where it gets interesting for me. Even though I was confident that no money was missing I thought it best to call the bank. That process took me down a rabbit hole of pushing numbers on a phone routing system, entering account details, trying to work out how to enter an alpha numeric password via tones, etc. My parents had no hope negotiating that.

When I did eventually get through, I was on hold for more than 20 minutes with no idea of how much longer I’d be, so I hung up and called the Police on a general number. That too went to hold and again I gave up after 20 or so minutes of no reply and no idea of wait numbers.

Here’s why the scammers win. They target people of an older generation who are less comfortable with the modern method of banking (Internet and phone). They also target them because they tend to not question authority. They then establish trust and get the target to ‘help’ them catch the bad actors, that makes the target feel guilty that they should help catch the alleged perpetrator. All this ends up doing is draining money from their accounts and sending it to the scammers all the while making people like my parents less trusting of their local branch staff, which is exactly the people they should be going to. There is no doubt, these scammers know their game.

At this stage it seems like the initial attempt at obtaining funds has been thwarted but given account details were shared unwittingly, we’ll need to be extra vigilant and potentially cancel all the credit cards which will be a very painful process. Very. So this issue is not over by any means and at the very least my parents will probably continue to receive more called from the ‘bank’ and I expected these to become more hostile when they don’t comply.

What has truly made me angry is just how hard it is for people of my parents generation to get help on these matters. Luckily, I was able to provide an external perspective as well as do some investigation of my own. What would of happened if I wasn’t available to assist? Most likely, the scammers would have continued to fleece my parents for large of money over a few weeks.

No wonder the bad guys (and gals) keep winning if the responses I got from the authorities trying to report this is anything to go by. Where is the protection for our societies most vulnerable? As I have said many, many times cybersecurity is largely an illusion, especially when enacted by big institutions. It seems like it is you against some very clever and motivated scammers and if you are the right target, then you really don’t stand much of a chance. From where I sit, there is lots of talk but the problem is not getting any better. Just look at the news and amounts people are scammed out of regularly. Why is there not better protection? People have a right to not have their hard earned money fleeced from them when they are with a large institution that makes all these noises about being cybersecurity-aware and investing billions in protecting customer. Unless you fit their customer profile seems like you are on your own to me!

A sad state of affairs were we are all reduced to looking after ourselves. But what about those who are unable to do this? Do we just let them get fleeced? As I said, I’m angry that it is victim who pays and hope this information is of value to someone else and prevents them from being fleeced or put through this drama.

Be a winner. Don’t recruit, build an employment system

pexels-洋榤-郭-2399840

One of my favourite quotes is from Scott Adams:

Losers have goals. Winners have systems.

Scott Adams is the creator of the Dilbert cartoon strip, which many would say provides perceptive insight into how many businesses are run today and the personalities inside them.

This systems based approach lines up with some recent articles I’ve written:

Every business today is a software business

and

We all need to automate more

because, probably the place where I see the least use of systems is when it comes to employing and training staff. Most businesses cast a random net looking for people with unique skills and experience, but when they employee people they find, they largely don’t develop them further in any structured way. They hope that they will ‘accumulate’ knowledge throughout their time and apply to the business adding value along the way. That is a pretty haphazard approach to probably the most important resource in a business.

I think a far better model to emulate is brought to us from the military. They take recruits, from all walks of life and experience, then put them through standardised training to get people with the skills they need. They have done this successfully for thousands of years. It is a proven model for results. Why don’t more commercial businesses take this approach?

I had a recent conversation with a technology provider who was having trouble finding a high level cloud technician for a role. Given the the constantly changing cloud technology field, how would you ever expect to find someone like that I asked? To attract such a candidate the business is going to have a huge salary package, well above what the small business could afford. But he insisted that this is exactly ‘what his business needed to succeed’. No it doesn’t! That approach to me is completely bonkers because you are putting all your eggs in a single basket with someone would could choose to leave at any point in time, including immediately after starting.

I suggest that a far better approach would be to build a ‘training system’ to produce the candidates you require. You can take people with much lower skills sets and put them through a largely continuous automated training process to give them the skills needed. If the candidate resigns or ‘drops out’ of the system at any point, you simply feed the next candidate into the start from which, again, out will pop exactly the person with the skills that you need.

The other advantage with an ‘employment system’ like this is that the business owns it, manages it and controls it. It isn’t reliant on someone who could leave a the business at any stage.

When you speak with most managers they say they employ on attitude and develop skills but that is definitely not what I see executed, especially in IT reseller businesses. Most get rushed into selecting a candidate because they have a desperate need and then hope against hope that they will work in that role. In the majority of cases, they don’t, which means it’s right back to recruitment stage again.

The challenge with systems is that don’t grow on trees or magically appear when you rub a lamp. They need to be designed. They need to built. They need to be maintained and they need to be automated. I’ll go back to one of my other favourite quotes I’ve used before recently:

“Compound interest is the eighth wonder of the world. He who understands it, earns it … he who doesn’t … pays it.”

― Albert Einstein

and say that compound interest ONLY works when you invest FIRST! All you need to do is start and keep working at it. Too many people focus on the end result rather than what they need to do NOW to move the ball forward.

I’ve spoken before about:

Core Microsoft Cloud IT Professional skills

and

The benefits of certification

It would also be hard to say that there is not an abundance of training available today from many, many sources on just about any topic you can name. Leverage these, put a program together, track people’s process and enhance it over time. If you are smart, you’ll get those who are undertaking the training to provide feedback and even adjust it for you. Thus, each new employee is helping to improve your training system.

Many employers incorrectly fear that if they train employees, they will leave. Many studies show the reserve is actually true. Employees prefer businesses that provide training and invest in their careers rather than those that don’t. Besides, as I said earlier, if an employee chooses to leave, you just insert another one into the system you have created.

The chances of you obtaining a suitably qualified candidate in the market today is pretty low. Instead, do what the military does and has done for thousands of years to great success, take anyone and put them into a system that creates the desired end result. By doing so you gain independence and you build another item of unique value in your business. Be a winner, build an employment system.


Every business today is a software business

pexels-pixabay-270348

Following on from a post I wrote recently:

We all need to automate more

I’d like to continue my musing about the challenge of finding qualified staff, especially if you are a technology provider.

Traditionally, IT Providers have looked for staff that can perform a certain defined role in their business and that has kind of been where it ends. When that person leaves, they need to find a similar soul to replace them. There ain’t much leverage here if we are honest is there? Technology and technology businesses should be about leverage.

The main fault lies with the skill set that IT providers are recruiting for these days.

A very famous tech luminary wrote an article back in 2011 called:

Why software is eating the world

and if you haven’t read it, you should. You should also be mindful of that fact that it is now over ten years old! Given that context, I feel pretty confident in saying that EVERY business is in fact a software business today. Every business relies more on IT systems that it ever has and the core of IT systems is software NOT hardware or infrastructure. Problem is, most business don’t yet realise they ARE a software business!

So why is it that most IT businesses recruit people for old world hardware and infrastructure roles? Don’t they realise the world has well and truly been eaten now it is 2022? Perhaps a reason they can’t successfully recruit is what they consider ‘suitable’ candidates has moved on so much from such traditional roles to roles that embrace what modern technology is all about today. Software. Perhaps the reason people can’t be found is that no one wants those traditional roles anymore! Maybe?

In essence, any modern role, especially in industries that provide technology services should include software as a core capability, most importantly, the ability to code. No, I am not saying that everyone needs to be a C sharp developer. What I am saying that our world today is built on code and it takes people who understand that and can speak that language to successfully support it. The past is about speed and feeds, aka hardware. That is now pretty much an arcane ancient language. Bandwidth is the principal commodity of the modern workplace not CPU speed or RAM.

A traditional IT provider should therefore be looking for DevOps people. Those that can do the IT operations, create users, reset passwords, etc as infrastructure types have done for years but also be comfortable with creating automation processes and scripting to reduce the precious amount of human capital that needs to be invest to achieve these aims.

Another benefit of employing DevOps types is that the code they develop can be leveraged across many customers, unlike their time. A typical infrastructure tech is limited to a fixed linear set of tasks between certain times in a day. Code however, can run constantly across multiple environments with minimal human interaction.

Still further, when a DevOps type leaves the organisation their code stays with the organisation, whereas when a traditional infrastructure technician leaves they leave no real value beyond their actual time in the business. That is not playing smart business in my books, that is simply trying to throw resources at a problem which you can never win, because you are always going to have to replace the resource at some point in time. That situation has taken many business this long to realise. Problem is, now they have, they are not well placed to deal with it. All they can do is scramble for more resources which are becoming scarcer everyday. In short, your staff are going to move on, that is a fact. You will need to replace them. Is your only solution simply to replace staff as they leave with similar candidates? That isn’t a game you can win because you’ll always be time poor when recruiting and never find an exact replacement, and even if you do, that replacement could resign immediately and you are again faced with the same dilemma. What’s the definition of insanity again?

I think another reason why so few people want to do traditional IT infrastructure work is that it is purely and simply ‘slog’ work. By this I mean that your reward for closing a trouble ticket is, guess what? Another trouble ticket and then another and then another at infinitum. If you want to disincentivise  and burn people out, keep giving the same grinding work over and over again like trouble tickets. Most IT managers would hate that themselves yet they enforce it on their subordinates. To me, that is utter madness because you are treating people like machines and to my knowledge we should have all left that behind in the Victorian age!

An emphasis on code and software allows expression, it allows the human brain to to what it is good for. To create, to be imaginative and innovate. Most people entering the workplace are more digitally native than any previous generation. They have grown up with technology and the Internet. They don’t fear the technology but most businesses today still constrain their workers by time management methodologies rather than measuring them on result based outcomes. Most are more comfortable seeing workers put in the ‘hours’ (whether or not they are being efficient is irrelevant, as long as they are visibly burning time is the key) rather than providing incentives based on outcomes (like say adding value to a customers business). Again, pure and utter madness in our modern technology landscape.

Anyone today who as even a slight interest in IT is going to be into software and coding as they should be. In fact, EVERYONE, yes EVERYONE needs to learn how to code. It is the language of our age. This, as I said earlier, doesn’t mean you need to be a developer. What it does mean is that you have a greater array of tools you can use to solve problems for one piece of code can build on another and be shared with others thereby leveraging the initial input invested to create it.

Software is a problem solving tool that should be part of everyone’s professional skills. It ain’t hard. There is so much free stuff out their on the myriad of languages available to code in. BASIC, PowerShell, C++, Java, and so on, and so on. Just go to Youtube and you’ll find someone willing to teach you code. The more time you spend learning and implementing code, the better you’ll get at it. Coding is a skill, it ain’t a talent. Everyone who already codes at some point learnt how to code, they weren’t born with the ability to write quality Python out of the womb!

If your are selling your skills into today’s market, skill up on programming. Even knowing Excel macros is going to put you at least one step in front of your competition who can’t code. Because, if you can’t code you’ll be consigned to role where people take advantage of your time not you brain. In essence, you are trading your personal time for money and no matter what they pay you, that transaction is never enough as you’ll never get your time again.

So ask yourself the question, have I (and the business I may run) truly embraced the modern technology world that software has ‘eaten’ or are you living in the past hoping to trade time for money? Because if you are living in the past still, eventually the appetite of software will catch up with you and automate what you do faster, better and cheaper than you ever could. Where will that then leave you?

If you own a business, you should looking for people who support this model. That is, those who are software aware. Those who can use software to solve problems better than anyone else. Allow them to unleash the true capabilities of the human mind rather than constraining them to a treadmill of endless problem tickets. We want creators, not biological robots to burn out and throw away. That means businesses need to create the environments to support this. Look around and ask yourself whether your business today truly supports that environment. I’d have a guess and say that it probably doesn’t. You better watch out then, the software tyrannosaurus rex now roams freely.

Techwerks 15

bw-car-vehicle

I am happy to announce that Techwerks 15 will be held in Melbourne CBD on Thursday May 26th 20212.

The course is limited to 30 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or by sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender for Endpoint, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend in Melbourne is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to also have a streaming option available as well. The costs for this will be:

Gold Enterprise Patron = Free

Gold Patron = Free

Silver Patron = Free

Bronze Patron = $33 inc GST

Non Patron = $99 inc GST

I hope to see you there.