HTH0026: Happy Monday On A Tuesday
We had a few audio glitches, apologies for the quality variance.
- Ever want to feel better about your day? IT blunder permanently erases 145,000 users' personal chats in KPMG's Microsoft Teams deployment
- The name "KPMG" stands for "Klynveld Peat Marwick Goerdeler". It was chosen when KMG (Klynveld Main Goerdeler) merged with Peat Marwick in 1987.
- Original goal: remove one user from the retention policy
- What actually happened: "In the execution of this change, a human error was made and the policy was applied to the entire KPMG Teams deployment instead of the specific account"
- Patch survey results
- “I think Microsoft relies too heavily on input from members of the Insider program who want change for change’s sake, whereas most of us just want technology that works predictably and reliably”
- “The company has taken a straightforward patching system in Win7 and Win8.1 and made it as difficult as possible to stay up with all the changes. Their arrogant attitude on pushing out corrupt patches leaves much to be desired. If a competitor came out with a reliable OS that would run Windows apps, I’d change in a snap!”
- RE: Wine/Running Windows applications/games on non-Windows: Valve's Wine implementation on Linux is called Proton
- Teams August Updates
- M365 External Email Forwarding changes
- Basically a follow-up HTH0010 and this
- Transport rule vs. anti-spam policies
- As originally announced in MC218984 (July '20) automated external email forwarding is a tactic attackers use to exfiltrate data out of an organization. To counter that, we are updating our outbound anti-spam policies. First, we are providing a control to easily enable automatic external forwarding for select people in your organization. Second, we will change the “Automatic” setting to block automatic external forwarding. Internal automatic forwarding of messages will not be impacted by this change. NOTE: No action is needed if you don't want to allow any users to automatically forward messages externally or if no one in your tenant is currently doing so. Additionally, we understand that some organizations already have users automatically forwarding messages outside the organization and we will provide additional time and communications to enable transition to the new policy controls. For these organizations we will communicate via Message center with more details on when the change will impact your specific tenant.
- We are also moving to disable external forwarding by default so organizations are secure by default.
- Added to Roadmap: 5/1/2020, releases September CY2020, Action: review and assess by August 28, 2020
The World of E5
- So many new changes to the Security and Compliance Center
- Defender for Android (it's also coming to iOS)
- Best Practices
We Built this SYDI on Rock and Rollllll
- Use SYDI to document servers
- GitHub page
- <At the prompt, Enter the server name (FQDN) you want to grab documentation on>
- Also honorable mention to the AD Topology Diagrammer - Download
Separating work from twerk
- Keeping work from personal endpoints
- When it's okay to use a personal machine
- Cloud-based stuff
- Non-VPN resources
- Keep internal network/on-prem to work-issued hardware
- If using a personal system: Don't download; Use web portals when able!
- "In simple terms, MDM is about control of devices like smartphones and tablets, whereas MAM is focused on specific corporate applications and their related data. It’s very important to establish what you want to achieve with your mobile strategy, or you may find that you make the wrong decision." - Source
- The OneDrive debacle (syncing things to non-work systems)
- When does your personal system become a work asset?
That Is Accurate
- Squeaky lobster is the name of a toy lobster in an MS Exchange love story, and would forever change MS influence MS product development.
Ask the Stiffs: Question of the Week
- What is something you suck at as a sysadmin?
- Steve's perpetually bad at subnetting
- Tiff - anything networking (squee)