In 2002, Bill Gates announced a new direction for Microsoft: A change in culture, process, and a fundemental shift in product design, and this was known as the Trustworthy Computing (TwC) initiative. In this first part of a series I'm going to start on Microsoft's approach to security, I thought I'd take a look back at the great steps Microsoft made to enhance trust and security across it's Office, Windows, and other products.
Azure AD Connect is Microsoft's secure integration and synchronisation tool, designed to help sites adopt hybrid identities. The solution has a number of different components that can be enabled, and can manage everything from enabling secure Pass-Through Authentication (PTA) via your existing Active Directory (AD) Domain, or by synchronising your users, groups, and even devices,... Continue Reading →
I’ve seen a lot of confusion around this feature, and some people pointing at it as a weak point in identity security because they believe the synchronised content can be intercepted, replayed, or otherwise compromised. I’m here to say, this is not the case at all. I'm going to make this blog post really short:... Continue Reading →
Preface: We’re currently planning the next phase of modernisation for our fleet of Windows devices. In our case, the environment already ticks a number of "best practice" boxes, and is already up-to-date according to Microsoft's definition of "Modern Desktop"... but there is always more to learn, and new features which can help you and your... Continue Reading →
In a recent post, I addressed some of the criticisms aimed at the use of classroom technology, and attempted to provide evidence that computers do, in fact, benefit students... however the type of devices and activities in which the devices are used, are critical to the overall success of 1:1 programmes. For many schools, the... Continue Reading →
In almost all Active Directory (AD) environments, access to resources will be managed via security groups, and group emails handled by distribution groups. While it is also possible to add devices to security groups, and use these to perform some pretty useful functions, it’s mostly all about the users. Managing Active Directory on-premises is an... Continue Reading →
Some would argue that Microsoft was never a cool company, but I dispute that: Just think back to October 2015, where Panos Panay took to the stage, to deliver a One-Windows reality that none of us expected; that spanned awesome Surface devices, Xbox, a wearable in the Microsoft Band, oh... and the HoloLens. There wasn't a tech... Continue Reading →
In 2015, I had the privilege of attending the Microsoft Ignite conference on the Gold Coast. While I loaded up my schedule with plenty of sessions on Azure and Office 365, I also made sure to attend as many Surface-centric events as possible: And I managed to get to quite a few. One of the... Continue Reading →
In my previous two posts, I described the Microsoft Installer (MSI), as well as Application Virtualization (App-V), and now it's time to talk about Click-to-Run (C2R). Click-to-Run is actually an installer stub, streamer, and command line technology, based on Microsoft's App-V technology, and is currently used for the delivery of Microsoft Office ProPlus products. Traditionally,... Continue Reading →
In my previous article, I covered the Microsoft Installer (MSI), which is a traditional installation technology; and a technology that requires that the entire installer be downloaded/cached, and which then proceeds to write to the file system and registry in one go. As far as legacy installers go, MSI technology offers many advantages, but none quite... Continue Reading →
Long story short, a Microsoft Installer - sometimes referred to as Windows Installer, or just MSI - is a relational database, that contains internal tables that define an installation: And is therefore a software installer, just like the typical 'setup.exe', only far more powerful. As of writing this post, the MSI format is now eighteen (18)... Continue Reading →
The Secure Time Seeding feature was shipped in the Windows 10 November 2015 (1511) release and is turned on by default. You may have seen the improvements in timekeeping on your Windows tablets and other Windows devices running this version of the OS, but you may have also found issues with broken authentication to SharePoint... Continue Reading →
An area where Windows 10 attempts to help users, but ultimately may cause problems in some environments, is with the network connectivity test the Operating System runs when establishing a new connection. Essentially, to work out whether your network connection is behind a captive portal or not, or has Internet access at all, Windows attempts... Continue Reading →
Starting with Windows 10 Fall Creators Update (1709), many people have found some unusual behaviour with the new Windows Defender Security Center (WDSC), and most of these issues appear to be related to firewall policies. The WDSC was introduced in Windows 10 Creators Update (1703), however it appears that changes in more recent versions of may... Continue Reading →
You've heard of Azure Active Directory (AAD), right? If not, here's the TLDR: It's Microsoft's cloud based directory for users, groups, and devices; It's the back end, that holds all the users, user attributes, and licenses for Office 365 (using AAD Free), and can be scaled up via Azure AD Premium licenses to provide enough... Continue Reading →
You must be logged in to post a comment.