Vol. 22, #7 - February 13, 2017 - Issue #1118
- Editor's Corner
- From the Mailbag
- Circumventing controls
- Send us your feedback
- Recommended for Learning
- Microsoft Virtual Academy
- Factoid of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- Azure - Migrating out of Azure RemoteApp
- Windows Server - Resolving DDNS registration failures
- Azure - Configuring Azure AD token lifetimes
- Events Calendar
- North America
- Add Your Event
- New on TechGenix.com
- Recommended articles from TechGenix.com
- Tech Briefing
- Windows 10
- Windows Server
- Other Articles of Interest
- Get started with Microsoft Azure Security Center
- Three VDI challenges that can derail any project
- How to defend your VMs and virtualization hosts against cyberattacks
- System Center 2016 new features -- and changes -- worth noting
- WServerNews FAVE Links
- Amazing Teamwork By Raccoon Family To Climb Over A Wall
- Mattress With Built-In Safe - "My Mattress Savings Bank"
- Bedside Table Security System
- Women Self Defense In 1947
- Security and Data Protection in a Google Data Center
- WServerNews - Product of the Week
- Proactively Alert on Active Directory Performance
- Proactively Alert on Active Directory Performance
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to email@example.com if you have any comments or suggestions!
This week's newsletter is all about how users (and even administrators) sometimes try to circumvent the security controls at their workplace. What, you've never tried to bypass a security control at your company? C'mon now, 'fess up! Anyways, we also have our usual tips, tools, links and other stuff, so enjoy!
Control is a big thing with managers and something ordinary employees a.k.a. worker drones constantly bump up against. Here's an illustration of this from Dilbert:
From the Mailbag
Last week in Issue #1117 Fashion over function we talked about the recent trend in web and software development to focus on style over usability, or as clothing designers and architects say, fashion over function. Chris who runs a Computer Services business in New Zealand sent us this comment which highlights my own frustration with the growing trend of designing operating systems and apps as "touch friendly" as opposed to being "PC friendly":
As you will be able to see from my signature I am in the PC business. One of the things that has been bugging me over the last few years is the habit of my suppliers changing their web sites to allow for touchscreen use. I think that few users of these websites actually use a touchscreen anyway but the suppliers claim that they are just keeping up with technology.
However some of them have gone so overboard in their conversion (making everything so big that a finger cannot miss it when selecting) that the end result is it takes up to 5 times LONGER to scroll through, read and maybe select items off the page. And because so much real estate is taken by the need to keep it big so much less explanatory text is included. So you have to go off to yet another page to read what used to be in the original.
So for maybe a few percent of users the rest of us have to suffer.
Same principle as Microsoft uses when it selects some of their defaults and end up catering, in some cases, to maybe only .001% of users. I have to go through every new installation and reset these defaults.
Both cases result in 10 steps forward but 12 steps backward. Progress!!!
We couldn't agree more. We'll publish more feedback from our readers on this topic in a future issue soon.
And in Issue #1116 Corporate e-learning platforms we examined the subject of providing e-learning to both IT pros and end-users, and we asked our readers what they use when they need to deliver e-learning training to users or customers. We received a couple of responses from readers on this subject. First here's a recommendation from Steve who is the CIO for a company based in Wisconsin, USA:
We use Litmos for our LMS. Works well and provides decent bang for the buck for a simple solution.
A second reader named Jim suggested our readers take a look at OSBLE (Online Studio-Based Learning Environment) a learning management system currently in Beta on CodePlex that supports teaching and learning communities rooted in the studio-based learning model:
If any other readers have recommendations they'd like to share please send them to us at firstname.lastname@example.org
And now on to the main topic of this week's newsletter…
A few weeks ago while shopping at a local ethnic grocery store I saw something a bit scary:
It's pretty obvious that the individual who did this didn't have malicious intentions because if they had they wouldn't have used something so visible to block the door open, they would have taped over the latch bold instead of done something similarly invisible. Unfortunately this particular store has three entrances, and this one that accesses the bakery seems to be the least used because it's by the parking area nor is it facing the front where customers come in.
So what's the danger here? Well, what if the employee who did this forgets to remove the paper plate and goes home at the end of the day. What might happen next? Well, I'm sure you can guess how this could affect the business where this employee works.
Why did the employee do this? Well, maybe they wanted to be able to go out for a smoke from time to time and didn't want to have to ask their supervisor for the key to the door. Or maybe there had been a problem with the oven they did their baking with and they had opened the door to let the smoke or smell out and they wanted to be able to do it again if necessary.
My point though is that most users (and even administrators sometimes) try to bypass security controls for a "good" purpose such as to mitigate a problem or simply to be able to get their work done. After all, in most cases there's a well-established tradeoff between security and usability (and between security and manageability) so the stricter an organization tries to lock down the security of its resources, the harder it can be to use or manage those resources in a productive and efficient manner.
In the IT world of course this issue is as old as the hills. Take a look for example at this 2008 article from the old ComputerWeekly newspaper:
It's almost comic now to read how paranoid businesses were becoming about users being able to use USB flash drives to take their work home from the office when they were not authorized to do so. I still remember some companies I knew that ended up filling the USB connection slots on their PCs with epoxy so their employees wouldn't be able to do this.
A more recent TechTarget article from 2015 (registration required) confirms of course that this is still a big concern for most companies, although the focus has seemed to have shifted more to getting access to an application or website you haven't been authorized to use or visit:
You might also want to read this article on eSecurity Planet which describes some survey results that suggest almost 70 percent of MIS, CIO, CISO and other IT pro types would willingly bypass their company's security controls if they needed to close an important deal:
How about you?
What are some of the ways users in your own company or organization have tried to ingeniously get around the security rules and IT controls in place? What are some ways you've heard about from your colleagues? Have you ever circumvented a workplace security control with "good intent" to meet a deadline or some other reason? Who do you think tries to do this kind of thing more often: ordinary end users, people in management positions, or IT administrators? Email your observations, comments and stories to us at email@example.com as a courtesy you can request that we keep your response confidential i.e. we'll include it in our mailbag as sent in by Anonymous.
Send us your feedback
Got feedback about anything in this issue of WServerNews? Email us at firstname.lastname@example.org
Recommended for Learning
Network Policy Server (NPS) Technical Reference for Windows Server 2016
This new technical reference provides a detailed description of NPS, including how NPS works, and the tools and settings you can use to deploy, administer, and troubleshoot NPS. You can download it from the link in this blog post on The WSiX Network Connection blog
Microsoft Virtual Academy
Exploring Cloud Application Security
If you're exploring improved protection for your cloud applications, be sure to check out this Microsoft Cloud Application Security tutorial. Cloud App Security is a comprehensive service that provides deeper visibility and comprehensive controls for your cloud applications. Join expert Stephen Clark for an in-depth look at navigation, discovery, data control, and threat protection. Learn about Shadow IT, the Cloud App Marketplace, monitoring cloud app migrations, enforcing cloud app policies, and much more. Get the details on Cloud Application Security, which is designed to help you extend the visibility, auditing, and control you have on-premises for your cloud applications.
Factoid of the Week
Heroin was originally marketed as cough medicine. Question: What other substances that are now banned were previously legally available in the marketplace or were included as ingredients in popular foods, beverages or medicines?
Cocaine... as in Coca Cola
While George from Florida, USA sent us the following interesting tidbit:
Email us your answer: email@example.com
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at firstname.lastname@example.org
Get the Hyper-V performance monitoring you need with Veeam free tool. It’s portable so you can run it from any USB device for emergency troubleshooting. No installation or integration needed!
MDB to CSV Converter is a simple converter for mdb files to csv that converts all of the tables inside mdb file to separate csv files:
WifiHistoryView is a portable tool which displays a history of your system's connections to/ disconnections from wireless networks:
7zbackup is a PowerShell script aimed to help you automate your backup tasks:
GOT TIPS you'd like to share with other readers? Email us at email@example.com
Azure - Migrating out of Azure RemoteApp
TechNet's Tip of the Day site has a helpful tip called "Options for migrating out of Azure RemoteApp" which can be found here:
Windows Server - Resolving DDNS registration failures
Here's another Tip of the Day tip from TechNet, this one is about how you can combat DDNS registration failures where DNS updates are managed by a DHCP server:
Azure - Configuring Azure AD token lifetimes
And here's still one more tip from TechNet's Tip of the Day blog, this one is about how to configure the lifetimes for tokens issued by Azure AD for all apps in your organization:
Microsoft Ignite Australia on February 14-17, 2017 at the Gold Coast Convention & Exhibition Centre, Broadbeach, QLD
Microsoft Worldwide Partner Conference (WPC) on July 9-13. 2017 in Washington, D.C.
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact firstname.lastname@example.org
These week we're focusing on some of the many security articles that have recently been published on Techgenix.com:
Prioritize your Security Controls – Protect, Detect and Remediate (Part 1)
Prioritize your Security Controls – Protect, Detect and Remediate (Part 2)
Best security features of Windows Server 2016
How Windows Server 2016 manages security – for CIOs
Shielded VMs in Server 2016
Impact of Technology on Wireless Security
The Ultimate Guide to Addressing Web Security Vulnerabilities
Browser face-off: The most secure browser award goes to…
Ransomware-let's fight back! (WindowsSecurity.com)
Averting ransomware epidemics in corporate networks with Windows Defender ATP (Microsoft Malware Protection Center)
SSD, flash, Non-volatile memory (NVM) storage Trends, Tips & Topics (StorageIO blog)
The Looming Storage Crisis (Virtualization Review)
vSAN 6.5: A Real-World Review (Virtualization Review)
Introducing VMware PowerCLI Core (Part 1) (VirtualizationAdmin.com)
Learn How to Bash: Using the Windows Subsystem for Linux (Virtualization Review)
Windows as a service: A new way to build, deploy, and service Windows (Microsoft USD Partner Enablement blog)
AD ACL Scanner (Jason's Blog)
Windows Server 2016 Data Deduplication users: please install KB3216755! (Server Storage at Microsoft)
Get started with Microsoft Azure Security Center
The Microsoft Azure Security Center is a service within the Azure platform that helps users prevent, detect, and respond to security threats for all cloud resources. In this tip, explore a breakdown of the key features within Security Center, and tips for using the service.
Three VDI challenges that can derail any project
Few technology-based projects are as simple to build and maintain as vendors suggest, and VDI takes that to a whole new level. But some factors cause many organizations to scale back their VDI projects or abandon them altogether. In this tip, discover three challenges that can derail any project.
How to defend your VMs and virtualization hosts against cyberattacks
In an increasingly virtualized world, there's always the risk of falling prey to a cyberattack. The best way to prevent an attack is to have a solid security plan in place. In this tip, learn how to truly secure your VMs with a multilayered approach both within the VM itself and within the virtualization stack.
System Center 2016 new features -- and changes -- worth noting
Microsoft has introduced key Windows Server 2016 features into the new version of System Center, including features for security, reduced OS overhead for applications, cluster management, and more. In this tip, learn more about these features and how they can affect you System Center deployment.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at email@example.com
Some videos on security from Flixxy:
Amazing Teamwork By Raccoon Family To Climb Over A Wall
Mattress With Built-In Safe - "My Mattress Savings Bank"
Bedside Table Security System
Security and Data Protection in a Google Data Center
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7www.mtit.com.Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.