Need to Know podcast–Episode 272

In this episode MVP Kirsty McGrath shares her best practices and tips and tricks around delivering successful online learning. Note, we did have some technical issues with this episode, so it might sound a little different from what it normally does but don’t let that stop you from listening along to all the great material. I also give a quick update at head of the show, for everything happening with the Microsoft Cloud.

This episode was recorded using Microsoft Teams and produced with Camtasia 2020.

Brought to you by www.ciaopspatron.com

ake a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-272-kirsty-mcgrath/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

Kirsty McGrath – MVP, Twitter, Linkedin, Web, Sydney UG, Melbourne UG, Instagram

New pricing for Microsoft 365

Securing your Windows 365 Cloud PCs

Get started with Universal Print and Windows 365 Cloud PC

Welcome to the brand new Windows 365 Community!

Get Ready to Do More with Teams Meeting Recordings in Microsoft 365!

Microsoft Security Technical Content Library

Super Duper Secure Mode

Whitepaper-Transitioning-Asia-to-a-New-Normal-of-Work.pdf (microsoft.com)

Adapting workplace learning in the time of coronavirus (mckinsey.com)

https://www.howspace.com/resources/hybrid-learning-model

https://news.griffith.edu.au/2020/10/28/hybrid-remote-learning-models-still-needed-post-pandemic/

Richard E. Mayer – Wikipedia

https://www.youtube.com/watch?v=VD4oJGAgoMQ

https://www.wgu.edu/blog/what-is-cognitive-learning2003.html#close

Why Webinar Attendees Leave Early – a 1080 Group, LLC survey brief (thevirtualpresenter.com)

Hybrid Learning Transition Approaches | Microsoft Education

Live Online Learning Facilitator – The LPI

CIAOPS Secwerks 1 is now totally virtual

In the face of continued COVID uncertainty locally I have decided to move the whole Secwerks 1 event online. The event will now be conducted fully using Microsoft Teams. Registrations are still open for the event starting on August the 5th, but now spread over 4 half day sessions to lower fatigue levels. You can register now and find a link to more details at:

www.ciaops.com

The event times will be during Thursday and Friday afternoons here in east coast Australia (GMT+10) and may not suit other locations. However, every business that registers will receive a copy of the recordings as well as the training materials. Registration is also now per business not per individual.

The Secwerks event is focused on giving you actionable information around Microsoft 365 as well as best practices, automations and understandings about how to improve the security of these environments. If you manage an Office 365 or Microsoft 365 environment, this, now, virtual event is for you.

I am working hard to add some unique sessions to the agenda and will be confirming those soon. Thanks to those who have already registered for being so accommodating in the face of this unexpected pivot but I look forward to seeing you at the event from the 5th of August 2021.

Cybercrime reporting poll

pexels-donald-tong-143580

I’ve created an anonymous public poll asking the question:

Are you reporting cybercrime incidents, like ransomware, to government or police authorities?

which is here:

https://forms.office.com/r/mENdwmaXRj

as the results rolling you can see the summary here:

http://bit.ly/ciapoll01

I’m interested to see what people are doing when it comes to reporting incidents to authorities?

Register your interest for a hands on, deep dive Microsoft 365 Security event

pexels-pixabay-356065

If you are interested in attending a hands on in person 2 day deep dive event into Microsoft Security including:

– Exchange Online

– Windows 10 hardening

– Effective incident monitoring

– Identity security

– Data protection

and more then I encourage you to register your interest now for CIAOPS Secwerks 1 in Melbourne CBD over 2 days, Thursday the 5th and Friday the 6th of August 2021. I expect demand to be extremely high for this event and I will have more to share when I have confirmed all the details. However, feel free to reach out to me if you want more information. Please register your interest here to be kept up to date with the event:

http://bit.ly/ciaopsroi

The theme of this event will be to help you understand all the technologies that the Microsoft Cloud provides, how to configure them appropriately and get your Microsoft Secure Secure above 80%. The material covered will be technical and cover all the basics but then to extend beyond Level 400. The course is specifically designed for those who need to provide security for environments connected to Microsoft 365.

I hope to see you there.

What the online world can learn from recent on prem Exchange Server challenges

It has been a pretty challenging few days for those that still manage and maintain on premises Exchange servers thanks to:

HAFNIUM targeting Exchange Servers with 0-day exploits

Throughout which I’ve seen a lot of smug cloud administrators wondering why people still bother with on premises. I think a better use of their energies would be to look at the current situation and learn from it rather than allocating it to self righteousness.

The cloud is a shared responsibility model. This means that both Microsoft and end user now responsible for the security of cloud infrastructure. Luckily, these recent Exchange issues have largely fallen to Microsoft when it comes to the cloud. Where there is room to learn for the rest of us, is in the response to the situation from those battling to contain it.

From everything I have seen online in regards to the HAFNIUM issue, what I find most interesting is the lack of a response plan. Technically, administrators can follow directions, run scripts, patch systems pretty well. However, most seem totally unprepared for this kind of situation, especially at scale. That’s what worries me the most. Why? Because challenges in the cloud can easily be of the same scale and impact.

There have been plenty of examples when services like Azure AD or Exchange Online have been unavailable, but when they have, I’ve seen the same level of, dare I say, panic. Because systems work 99.99% or more of the time ‘on average’, a large amount of complacency begins to creep into the system, especially those charged with maintaining these systems. Thoughts of disaster recovery and outage impact get put on the back burner and never really addressed because there are always ‘higher’ priorities.

What worries me is the dependency we have built into our modern lives, business and economy, to the point where most cannot function if their phones run out of charge. What worries me when I look at the response I see to broad security challenges in IT is simply the lack of a credible contingency plan. A check list of what to do, if you like. Of course, you can’t have a plan for every contingency but some semblance of a plan is better than no plan at all surely?

In the end it comes down to risk analysis. When the sun is shining, risk analysis is the furthest thing from people minds. This however, is exactly the time that it should be a priority because developing a strategy in midst of a crisis does not generally lead to the best outcome. You want to have a checklist of what to do, well in advance of whenever you may need it.

Even though the systems I work with are cloud based are immune from the HAFNIUM (it appears at least), that doesn’t stop me learning from how the unfortunate are dealing with it. I’m watching, learning and preparing, because as the saying goes, “When did Noah build the Ark?”

Before it rained.

Before it rained.

My podcasts – 2021

desk-music-headphones-earphones

You can find the previous year’s selection here:

My podcasts 2020

I do spend a lot of time listening to podcasts, generally in between things, like travelling. However, there is a limit to how many you can consume in a week and that’s why I need to be very discerning about what I listen to.

Regulars

These podcasts are ones that I generally won’t miss an episode of.

Windows Weekly

The latest Microsoft news with some fun and entertainment along the way. Paul Thurrott’s musing make this podcast alone something worth listening to.

The Tim Ferriss Show

Some really great advice, business insights and strategy. Also lots of life lessons that I have found work really well for me. A weekly must listen for me.

Hardcore History

These tend to be quite long, like reading a book, but a very good and very interesting. Luckily, they are not that frequent, so it can make a nice change from all the tech stuff

The Intrazone

All the latest news and information about SharePoint, OneDrive for Business, Teams and more directly from Microsoft.

Sync Up

A podcast focused on the Microsoft files experience around OneDrive from Microsoft.

MJF Chat

Mary Joe Foley interviewing someone in the technology field. What I really like about these are they are short and to the point. Makes it much easier to listen to on a regular basis.

Darknet Diaries

Really well produced cybersecurity focused podcast. Has a nice variety of topics and the content is good and well researched. If you enjoy the security side of IT you’ll love these episodes.

Currently evaluating

These podcasts I listen to frequently, but maybe not every episode. Some of these may eventually get cut from the roster. Anything here has to provide real business value for it to remain long term.

Security Unlocked

Still findings its feet but with the growing need focus on security I think this will provide some valuable information from Microsoft.

Windows Insider podcast

Always interesting to hear what’s the latest and greatest with Windows from Microsoft.

Microsoft Cloud Show

Tends to be somewhat developer focused but there is handy information here, once you get past some of the other stuff, although I must admit this is becoming less and less the case. In short, podcast is starting to become a little off topic and may need to make room for something else.

Cyber

A podcast focused on cybersecurity. Fairly broad and somewhat more laid back and less technical (from what I’ve listened to so far) when it comes to content. Will need to listen to more episodes before deciding if this podcast makes the cut.

#Shifthappens

A podcast focused on digital transformation, typically in the enterprise and government space. Not too long which is good.

If I have time

There are simply not enough hours in a day to get through everything. These are great podcasts but I simply don’t have the time to listen to them regularly unfortunately.

Jocko Podcast

Probably too hard core for most. For me it is a great mix of military history and business mindset training. If you have a ‘fanatical’ tendency then give this one a listen.

The Kevin Rose Show

A bit like the Tim Ferriss podcast. Plenty of interesting and different stuff that always makes you think. Somewhat irregular episodes but I am still enjoying what I’m hearing.

Business wars

Interesting to get the story behind major business rivalries. More a ‘stage production’ than a podcast. Very enjoyable if you have the time.

Behind the Tech

Hosted by Microsoft’s Chief Technology Officer, Kevin Scott, it has lots of interesting guests and topics.

Once off podcasts

Think of these more of a book you’d read or a TV show you’d watch.

13 minutes to the moon

If you love space, you’ll love this ‘podumentary’ on the moon land. The production quality is simply first class, which you would expect from the BBC. Make sure you listen to both seasons so far!

The Bomb

Another amazing BBC production focused on the Atom bombs. If you are a history buff, I’ll bet you’ll love this one as well.


I churn through these mostly at 2x speed to allow me to get through as much content as possible. I do have a few other podcasts on my current podcasting app. I am always on the lookout for good podcasts business, technology, history, whatever. So if you can recommend something you like, I’m all ears.

Finally, of course, there is my own podcasting effort:

Need to Know podcast

which covers the Microsoft Cloud (typically Microsoft 365 and Azure) as well as business topics. I encourage you to have a listen and me know what you think. 2021 will be the eleventh year that it has been available.

Hopefully, there is something of interest to you in what I listen to. Feel free to let me know as well as any recommendations you may have, as I said, I’m all ears!

My Tech Books – 2021

Tech is as much a lifestyle choice these days as it is a career. The geeks and nerds have risen to rule the world. Don’t believe me? Ask Bill Gates! Sometimes it is good to step back and take a wide look at how technology has changed the world we live in – for better and worse. My selection below I have found to be enjoyable and thought provoking in many different ways and I recommend them to everyone who is interested in tech.

There hasn’t been an change to this since last year. Good tech books are hard to come by it seems!

You can follow all the books, tech, business, non-fiction I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone? This book has become so popular that there is now a movie. Believe me, the book is better.

4. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers – Andy Greenberg [Non-Fiction]

This is a great book if you are interested in IT security. It is also a very current book which makes it even more engrossing. It is easy to read and quite comprehensive in its approach, not only dealing with the technology of security attack but also the geopolitical reasons and consequences.

It reveals that shadow world of nation state cyber attacks and illustrates how they are happening today and likely to increase in the future. The connected world of the Internet has brought us many benefits but it is now increasing risks as our dependencies increase to the point that there are few manual backups that don’t depend on technology.

I think this book is a real glimpse into the future and what we may be in store for in the even of rising global conflicts. If you like tech, you’ll love this!

5. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

6. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

7. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

8. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

9. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

10. Takedown – John Markoff and Tsutomu Shimomura [Non-Fiction]

The pursuit and eventual capture of notorious hacker Kevin Mitnick makes for great reading. Is somewhat dated now but still a great read.