Vol. 22, #7 - February 13, 2017 - Issue #1118


Circumventing controls


Editor's Corner

This week's newsletter is all about how users (and even administrators) sometimes try to circumvent the security controls at their workplace. What, you've never tried to bypass a security control at your company? C'mon now, 'fess up! Anyways, we also have our usual tips, tools, links and other stuff, so enjoy!
Control is a big thing with managers and something ordinary employees a.k.a. worker drones constantly bump up against. Here's an illustration of this from Dilbert:

http://www.wservernews.com/go/6985cnyi/

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com


From the Mailbag

Last week in Issue #1117 Fashion over function we talked about the recent trend in web and software development to focus on style over usability, or as clothing designers and architects say, fashion over function. Chris who runs a Computer Services business in New Zealand sent us this comment which highlights my own frustration with the growing trend of designing operating systems and apps as "touch friendly" as opposed to being "PC friendly":

As you will be able to see from my signature I am in the PC business. One of the things that has been bugging me over the last few years is the habit of my suppliers changing their web sites to allow for touchscreen use. I think that few users of these websites actually use a touchscreen anyway but the suppliers claim that they are just keeping up with technology.
However some of them have gone so overboard in their conversion (making everything so big that a finger cannot miss it when selecting) that the end result is it takes up to 5 times LONGER to scroll through, read and maybe select items off the page. And because so much real estate is taken by the need to keep it big so much less explanatory text is included. So you have to go off to yet another page to read what used to be in the original.
So for maybe a few percent of users the rest of us have to suffer.
Same principle as Microsoft uses when it selects some of their defaults and ends up catering, in some cases, to maybe only .001% of users. I have to go through every new installation and reset these defaults.
Both cases result in 10 steps forward but 12 steps backward. Progress!!!

We couldn't agree more. We'll publish more feedback from our readers on this topic in a future issue soon.
And in Issue #1116 Corporate e-learning platforms we examined the subject of providing e-learning to both IT pros and end-users, and we asked our readers what they use when they need to deliver e-learning training to users or customers. We received a couple of responses from readers on this subject. First here's a recommendation from Steve who is the CIO for a company based in Wisconsin, USA:

We use Litmos for our LMS.  Works well and provides decent bang for the buck for a simple solution.
http://www.wservernews.com/go/33pza4ip/

A second reader named Jim suggested our readers take a look at OSBLE (Online Studio-Based Learning Environment) a learning management system currently in Beta on CodePlex that supports teaching and learning communities rooted in the studio-based learning model:

http://www.wservernews.com/go/godunnir/

If any other readers have recommendations they'd like to share please send them to us at wsn@mtit.com

And now on to the main topic of this week's newsletter…

 

Circumventing controls

A few weeks ago while shopping at a local ethnic grocery store I saw something a bit scary:

Image

 

Yes that's right, it's a photo of a locked door with a paper plate jammed into it so the individual who exited the door could get back into the building without needing a key or having anyone inside open it for them. That's a classic example of someone circumventing a security control in their workplace. Locked doors are intended to keep unauthorized people out, right?

It's pretty obvious that the individual who did this didn't have malicious intentions, because if they had they wouldn't have used something so visible to block the door open; they would have taped over the latch bolt or done something similarly invisible. Unfortunately this particular store has three entrances, and this one that accesses the bakery seems to be the least used because it's by the parking area and doesn't face the front where customers come in.

So what's the danger here? Well, what if the employee who did this forgets to remove the paper plate and goes home at the end of the day? What might happen next? Well, I'm sure you can guess how this could affect the business where this employee works.

Why did the employee do this? Well, maybe they wanted to be able to go out for a smoke from time to time and didn't want to have to ask their supervisor for the key to the door. Or maybe there had been a problem with the oven they did their baking with and they had opened the door to let the smoke or smell out and they wanted to be able to do it again if necessary.

My point though is that most users (and even administrators sometimes) try to bypass security controls for a "good" purpose such as to mitigate a problem or simply to be able to get their work done. After all, in most cases there's a well-established tradeoff between security and usability (and between security and manageability) so the stricter an organization tries to lock down the security of its resources, the harder it can be to use or manage those resources in a productive and efficient manner.

In the IT world of course this issue is as old as the hills. Take a look for example at this 2008 article from the old ComputerWeekly newspaper:

http://www.wservernews.com/go/gwsj7ftl/

It's almost comic now to read how paranoid businesses were becoming about users being able to use USB flash drives to take their work home from the office when they were not authorized to do so. I still remember some companies I knew that ended up filling the USB connection slots on their PCs with epoxy so their employees wouldn't be able to do this.

A more recent TechTarget article from 2015 (registration required) confirms of course that this is still a big concern for most companies, although the focus seems to have shifted more to getting access to an application or website you haven't been authorized to use or visit:

http://www.wservernews.com/go/et937ic5/

You might also want to read this article on eSecurity Planet which describes some survey results that suggest almost 70 percent of MIS, CIO, CISO and other IT pro types would willingly bypass their company's security controls if they needed to close an important deal:

http://www.wservernews.com/go/bss21d6z/

How about you?

What are some of the ways users in your own company or organization have tried to ingeniously get around the security rules and IT controls in place? What are some ways you've heard about from your colleagues? Have you ever circumvented a workplace security control with "good intent" to meet a deadline or some other reason? Who do you think tries to do this kind of thing more often: ordinary end users, people in management positions, or IT administrators? Email your observations, comments and stories to us at wsn@mtit.com. As a courtesy, you can request that we keep your response confidential, i.e. we'll include it in our mailbag as sent in by Anonymous.

Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at wsn@mtit.com

 

Recommended for Learning

Network Policy Server (NPS) Technical Reference for Windows Server 2016

This new technical reference provides a detailed description of NPS, including how NPS works, and the tools and settings you can use to deploy, administer, and troubleshoot NPS. You can download it from the link in this blog post on The WSiX Network Connection blog:

http://www.wservernews.com/go/q0wmoh7t/

 

Microsoft Virtual Academy

Exploring Cloud Application Security

If you're exploring improved protection for your cloud applications, be sure to check out this Microsoft Cloud Application Security tutorial. Cloud App Security is a comprehensive service that provides deeper visibility and comprehensive controls for your cloud applications. Join expert Stephen Clark for an in-depth look at navigation, discovery, data control, and threat protection. Learn about Shadow IT, the Cloud App Marketplace, monitoring cloud app migrations, enforcing cloud app policies, and much more. Get the details on Cloud Application Security, which is designed to help you extend the visibility, auditing, and control you have on-premises for your cloud applications.

http://www.wservernews.com/go/a9fnvxt9/
  

Factoid of the Week

Last week's factoid and question was this:

Heroin was originally marketed as cough medicine. Question: What other substances that are now banned were previously legally available in the marketplace or were included as ingredients in popular foods, beverages or medicines?

A reader named Paul pointed out another obvious example:

Cocaine... as in Coca Cola

While George from Florida, USA sent us the following interesting tidbit:

Absinthe, a highly alcoholic drink, was popular in the 18th/19th centuries, but was banned in the U.S. in 1915 due to its hallucinogenic properties.  Alleged use as a love potion by the bohemian culture popularized the saying, "Absinthe makes the heart grow fonder."
 
Now let's move on to this week's factoid:
 
Fact: There is only one stop sign in the whole of Paris.
 
Source: http://www.wservernews.com/go/16c0jsr5/
 
Question: What unusual road signs have you encountered in your own corner of the world?

Email us your answer: wsn@mtit.com
 
Until next week,

Mitch Tulloch



Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at wsn@mtit.com

Get the Hyper-V performance monitoring you need with Veeam's free tool. It’s portable so you can run it from any USB device for emergency troubleshooting. No installation or integration needed!

http://www.wservernews.com/go/4tg7cxic/

MDB to CSV Converter is a simple converter for mdb files to csv that converts all of the tables inside mdb file to separate csv files:

http://www.wservernews.com/go/ll5su3q3/

WifiHistoryView is a portable tool which displays a history of your system's connections to/disconnections from wireless networks:

http://www.wservernews.com/go/3yrfjbao/

7zbackup is a PowerShell script aimed to help you automate your backup tasks:

http://www.wservernews.com/go/ie4hgknl/

 

This Week's Tips

GOT TIPS you'd like to share with other readers? Email us at wsn@mtit.com

Azure - Migrating out of Azure RemoteApp

TechNet's Tip of the Day site has a helpful tip called "Options for migrating out of Azure RemoteApp" which can be found here:

http://www.wservernews.com/go/xoipckeu/

Windows Server - Resolving DDNS registration failures

Here's another Tip of the Day tip from TechNet, this one is about how you can combat DDNS registration failures where DNS updates are managed by a DHCP server:

http://www.wservernews.com/go/q3a6q6h1/

Azure - Configuring Azure AD token lifetimes

And here's still one more tip from TechNet's Tip of the Day blog, this one is about how to configure the lifetimes for tokens issued by Azure AD for all apps in your organization:

http://www.wservernews.com/go/6d0jeb6s/

Events Calendar

North America

Microsoft Ignite Australia on February 14-17, 2017 at the Gold Coast Convention & Exhibition Centre, Broadbeach, QLD

http://www.wservernews.com/go/c14gi3l6/

Microsoft Worldwide Partner Conference (WPC) on July 9-13, 2017 in Washington, D.C.

http://www.wservernews.com/go/h59k1ze8/

Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact info@techgenix.com

New on TechGenix.com

This week we're focusing on some of the many security articles that have recently been published on Techgenix.com:

Prioritize your Security Controls – Protect, Detect and Remediate (Part 1)

http://www.wservernews.com/go/8wc7hjeo/

Prioritize your Security Controls – Protect, Detect and Remediate (Part 2)

http://www.wservernews.com/go/uozzopvb/

Best security features of Windows Server 2016

http://www.wservernews.com/go/7cg69m7h/

How Windows Server 2016 manages security – for CIOs

http://www.wservernews.com/go/qd1na1kf/

Shielded VMs in Server 2016

http://www.wservernews.com/go/iibw0wx4/

Impact of Technology on Wireless Security

http://www.wservernews.com/go/hwj6g166/

The Ultimate Guide to Addressing Web Security Vulnerabilities

http://www.wservernews.com/go/517ij1c1/

Browser face-off: The most secure browser award goes to…

http://www.wservernews.com/go/yem5eh5l/

 

Tech Briefing

Security

Ransomware-let's fight back! (WindowsSecurity.com)

http://www.wservernews.com/go/ax86ua49/

Averting ransomware epidemics in corporate networks with Windows Defender ATP (Microsoft Malware Protection Center)

http://www.wservernews.com/go/l2orgdxn/

Storage

SSD, flash, Non-volatile memory (NVM) storage Trends, Tips & Topics (StorageIO blog)

http://www.wservernews.com/go/uv5ixdw4/

The Looming Storage Crisis (Virtualization Review)

http://www.wservernews.com/go/cexompkb/

VMware

vSAN 6.5: A Real-World Review (Virtualization Review)

http://www.wservernews.com/go/c60vkyvw/

Introducing VMware PowerCLI Core (Part 1) (VirtualizationAdmin.com)

http://www.wservernews.com/go/a7uc2ai3/

Windows 10

Learn How to Bash: Using the Windows Subsystem for Linux (Virtualization Review)

http://www.wservernews.com/go/ymctjjai/

Windows as a service: A new way to build, deploy, and service Windows (Microsoft USD Partner Enablement blog)

http://www.wservernews.com/go/0tfxdpp3/

Windows Server

AD ACL Scanner (Jason's Blog)

http://www.wservernews.com/go/hgtwfuyv/

Windows Server 2016 Data Deduplication users: please install KB3216755! (Server Storage at Microsoft)

http://www.wservernews.com/go/9ctokiga/

 

Other Articles of Interest

Get started with Microsoft Azure Security Center

The Microsoft Azure Security Center is a service within the Azure platform that helps users prevent, detect, and respond to security threats for all cloud resources. In this tip, explore a breakdown of the key features within Security Center, and tips for using the service.

http://www.wservernews.com/go/3dx4h99j/

Three VDI challenges that can derail any project

Few technology-based projects are as simple to build and maintain as vendors suggest, and VDI takes that to a whole new level. But some factors cause many organizations to scale back their VDI projects or abandon them altogether. In this tip, discover three challenges that can derail any project.

http://www.wservernews.com/go/qas9spi6/

How to defend your VMs and virtualization hosts against cyberattacks

In an increasingly virtualized world, there's always the risk of falling prey to a cyberattack. The best way to prevent an attack is to have a solid security plan in place. In this tip, learn how to truly secure your VMs with a multilayered approach both within the VM itself and within the virtualization stack.

http://www.wservernews.com/go/5ru4yf0t/

System Center 2016 new features -- and changes -- worth noting

Microsoft has introduced key Windows Server 2016 features into the new version of System Center, including features for security, reduced OS overhead for applications, cluster management, and more. In this tip, learn more about these features and how they can affect your System Center deployment.

http://www.wservernews.com/go/7le5cs09/

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

Some videos on security from Flixxy:

Amazing Teamwork By Raccoon Family To Climb Over A Wall

http://www.wservernews.com/go/ac0nxgdv/

Mattress With Built-In Safe - "My Mattress Savings Bank"

http://www.wservernews.com/go/k9ai0pt7/

Bedside Table Security System

http://www.wservernews.com/go/hefwupr6/

Women Self Defense In 1947

http://www.wservernews.com/go/t6fgtgjn/

Security and Data Protection in a Google Data Center

http://www.wservernews.com/go/56xxwmic/

 


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.