ARM for Windows is here in the form of the Snapdragon Copilot+ PCs - how do you update them? Richard talks with Aria Hanson about how Windows Updates treat ARM like just another Windows device - all the updates! Aria talks about the transition time with Windows 24H2 update, which has some specific Copilot+ PC features. But when looking at ARM-based Windows devices, don't just focus on the Copilot part; check out the great battery life and the simpler architecture that should lead to long-life machines. The conversation also digs into the Windows Insider program, which now has four channels for updates, in order of likelihood to blue screen: Canary, Dev, Beta, and Release Preview.

Links

• Windows Insiders
• Copilot+ PCs
• Windows Insider Blog
• Windows Autopatch
• Windows Autopilot
• Pluton

Recorded September 18, 2024

How can you secure your company information with Azure Virtual Desktop? Richard talks to Jim Duffy about his work helping companies comply with NIST SP 800-171 security standards. These are the new standards required for Department of Defense contracting - including all subcontractors and suppliers. The security standard is thorough, with over 100 requirements. And you have to be audited to show that you comply! Even if you don't work with the government, the NIST security standard is excellent, and Jim talks about how you can use AVD to create a secure enclave for protecting data. And if you need help complying with NIST 800-171, Island Systems can help!

Links

• Azure Virtual Desktop
• NIST SP 800-171 Rev 3
• Secure Future Initiative
• Island Systems

Recorded August 12, 2024

Can you pen test yourself? Paula Januszkiewicz says yes! Richard talks to Paula about taking an active role in understanding your organization's security vulnerabilities. Paula talks about the low-hanging fruit she often finds as a professional penetration tester - typically on poorly maintained infrastructure like PKI servers. The conversation digs into tooling you can use to find vulnerabilities - just make sure you trust the source of those tools. Not everyone is a good guy in open source! And, of course, there's always a time to bring in professionals to do a deeper level of testing. Don't wait until the breach happens to take some action!

Links

• Cqure
• Penetration Testing
• GitHub Secrets Scanning
• HaveIBeenPwned

Recorded August 22, 2024

How can OpenAI help you with PowerShell? Richard talks to Doug Finke about his experiences with ChatGPT and GitHub Copilot to help him write PowerShell and how he incorporated the OpenAI API into a PowerShell library to create a conversational interface in his PowerShell scripts! Doug talks about his productivity gains using OpenAI to write better quality PowerShell faster - helping him understand the code, automate test writing, and explore aspects of PowerShell he had never dug into. But beyond writing code for him, adding the conversational interface to a PowerShell script opens a whole new interactive opportunity to make it easier for folks to use scripts and do more with them!

Links

• GitHub Copilot
• PSAI
• GPT-4o
• Doug's Blog
• Doug's YouTube Channel

Recorded August 7, 2024

Microsoft 365 Data Governance has always been critical - but it's only getting more important! Richard talks to Nikki Chapple about her experiences working with companies trying to get their "data estate in order." That phrase is what Microsoft recommends before turning on tools like Copilot for M365. Nikki talks about how hard the goal of data security is - that it is just as tricky as any other security goal. Data security is an endless process that needs refining and work on routinely as new data and classes of data arrive in the organization. In the meantime, users are taking advantage of LLMs like ChatGPT for their work whether we want them to or not - so there is a need to act quickly to provide secure capabilities!

Links

• Data. Privacy, and Security for Microsoft Copilot for M365
• Exabeam Business Rewards vs Security Risks Report
• Microsoft 2024 Work Trend Index Report
• Microsoft Purview Data Security and Compliance Protections for Generative AI Apps
• Microsoft Copilot Studio for M365
• Entra Entitlement Management
• Shareable Links in OneDrive and SharePoint in M365
• Nikki's M365 Governance Blog
• All Things M365 Governance on YouTube

Recorded August 16, 2024

What does Windows Server 2025 bring to Active Directory? Richard chats with Orin Thomas about the new version of Windows Server coming and what to expect around Active Directory. Orin talks about how mature the Windows Server space is, so only incremental improvements are warranted, but they are important ones - like retiring NTLM once and for all. And when it comes to Active Directory, there are new secure features you're going to want, but you do need to up your functional level to get them, and that means getting to at least Server 2016 functional level first... then moving everything else. When was the last time you transferred a FSMO role? Orin also digs into the new certification practice options available, where instead of answering questions, you do the work and get evaluated - cool!

Links

• What's New in Server 2025
• Sandworm
• Active Directory FSMO Roles in Windows
• Windows Server Hybrid Administrator Associate
• Windows LAPS

Recorded August 6, 2024

Do you know how asymmetric encryption works? While at the Kansas City Developers Conference, Richard sat down with Eli Holderness to discuss many of the encryption technologies being used today—and the new options coming in the future! Eli talks about how symmetrical encryption and public key encryption have been the focus of modern encryption, especially on the web. But the ongoing security arms race means we have to keep tweaking encryption—what if we made a bigger leap? Asymmetric encryption offers huge potential - but there's still a long way to go!

Links

• Passwordless Identity with Eli Holderness
• Elliptic-Curve Cryptography
• Shor's Algorithm
• Isogeny Key Exchange
• Learning with Errors
• Chrome and Hybrid Kyber KEM
• liboqs
• Lets Encrypt

Recorded June 27, 2024

What can you do to Microsoft 365 with PowerShell? Turns out - almost anything! Richard talks to Tony Redmond about his ongoing efforts to educate sysadmins about the vast array of capabilities in M365, including all the PowerShell cmdlets that can let you retrieve and control everything in M365. There's now so much information that Tony and his team have created a separate book explicitly focused on automating M365 with PowerShell. The conversation also turns to the role of Copilot - GitHub Copilot- in helping you write better PowerShell and the challenges around M365 Copilot. The goal is to take advantage of the Microsoft Graph - all that information about your M365 Tenant and what is happening inside it.

Links

• Office 365 for IT Pros
• Practical 365 Blog
• Automating Microsoft 365 with PowerShell
• Microsoft Graph SDK
• Copilot for Microsoft 365
• Microsoft Entra PowerShell
• GitHub Copilot
• Overview of Microsoft Graph

Recorded August 8, 2024