SKILLS & TRICKS
We have all gone through this cycle of vulnerability detected and patches applied in our careers. Some of us still go through this vicious cycle of tense, challenging and nerve wrecking moments when you are racing against time and people in business are asking for updates while the customer support is assuring the customers with eyes on the screen waiting for the announcement "Patch Applied", "Service Restored" etc
Software Patch and Vulnerability Management continue to be a major challenge for many organizations. There is no single software product or vendor source of these vulnerabilities. Organizations must consider patching at all levels of software and only applying Microsoft Patch through Tuesday updates to protect systems and data from cyber-attack is not sufficient.
Organizations that were diligent with Microsoft patches avoided WannaCry related ransomware. However, flaws with Apache Struts and Intel Processors left organizations vulnerable to cyber-attack (e.g., Spectre and Meltdown).
A lot of software companies have elected to stop providing individual patches each release period. Instead, separate and distinct patches are bundled in a roll-up model. The reason for this change is to prevent patch fragmentation that led to problems like dependency errors, lengthy scans, and testing complexity. This practice has created an all or nothing condition for customers in which selecting individual patches are no longer available. Further, software companies are building these patch bundles in a monthly rollup manner. These patch bundles not only contain all the recently announced patches, but also the previously shipped patches. This cumulative update model is intended to improve security, quality, and reliability. Yes i am referring to the Microsoft and Adobe model, however with this model in practice comes the requirement for customers to perform extensive application program compatibility testing in a short period of time—especially when functionality and non-functionality (i.e., security) code changes are mixed in the update. The days of cherry-picking patches are over.
Orchestrating patching is complex and costly. Patching has many dependencies including asset management, notification tracking, risk assessment, patch preparation, QA, release management, communications, and auditing. As with the installation of any software update, many teams must collaborate to ensure success and avoid unintended interruption of service. If any of these teams are not resourced and prepared for this demand, then patches are not properly tested and announced prior to deployment creating availability and integrity risks. If patch deployment is delayed to perform necessary QA and communication, vulnerabilities linger longer for cyber- criminals to discover and exploit. Traditional operations and project management methods of patching are not nearly rapid enough.
Sadly most organizations claim to have adopted the Agile methodology which is an iterative approach to software development and delivery but fail to address when it comes to the needs of patch upgrades and its mostly neglected until an incident takes place. I'll try my best to summarize how Agile can be implemented for patch vulnerability assessment and the structure through which you will be able to maintain pace as well as deliver quality.
This solution is based on the letsencrypt-webapp-renewer. It uses the same core library than the Azure Lets Encrypt site extension, but it is run as a WebJob. It can (should) be installed on its own web app, and supports multiple target websites.
The author of the letsencrypt-webapp-renewer has made thorough instructions, so I won't copy them here. When granting the service principal rights, you may want to only add Website Contributor and Web Plan Contributor instead of Contributor rights. The only thing needed in addition to those instructions is the support by the web app itself.
As you may already know, the Office 365 Video service is being replaced by Microsoft Stream. If you have been using Office 365 Video to publish videos, you can now start migrating it to Microsoft Stream using the self-service migration tool. If you don’t see it, you can request to register your tenant using the form available here https://aka.ms/O365VideoEarlyMigration
When you logon to your Office 365 Video portal you will see the migration banner to start the migration process
This will open a new window (https://web.microsoftstream.com/officemigration)
According to the documentation of Azure CLI you need to use az storage message put.
Sadly choosing a CMS platform is a dilemma and even the very best in the industry end up arguing with each other on the pros and cons. This post is for those who are going through this phase and are finding it difficult to make up their mind on which platform would be best suitable for them.
What the hell is a CMS
Instead of getting in to historical facts and figures, lets just put this in simple words.
A content management system (CMS) is an interface that allows users to create and manage the content of their websites. Whereas CMS’s started out as simple software to publish content online, they have grown to become core technology platforms that support cross-organisational goals and objectives, from marketing to sales.
Choosing a CMS
The CMS you choose is closely linked to your business goals and the success of your organisation. Your website is your digital estate: the online representation of your brand, your benchmark against competitors and a key driver of sales. Additionally, your website will be the destination for your marketing efforts, and a core hub of your operations.
When it comes to CMS platforms, paying more doesn’t necessarily mean better. To pick a CMS that you can rely on and is right for your business needs, a considered evaluation of features and functionality requirements is crucial.
I don't claim that i am an expert on this subject and still there is a long curve of learning involved as my career grows in to new roles. What i am sharing here are some of my observations, notes references etc related to agile leadership and how well an organization should adopt them for survival. Let’s examine some favorite ideas and concepts around agile leadership.
In my experience, there are at least five criteria for successful agile transformations. Lasting organizational change happens:
The following focus on the main concepts related to agile leadership: from servant leadership to the agile mindset to creating a learning organization. The lists are not supposed to be comprehensive but provide the interested reader with a starting point for further research.
This is one of the most controversial topics of SharePoint Online and everyone seems to have a theory. For some it works like a charm and they never get to experience the pain while others even open up tickets with Microsoft Premium Support and still the issue remain unresolved.
Yes i am referring to the great file attachment and upload sizes. When you go online to look for the right answer, all you get is confusion with out dated information. For example old articles, new ones, One Drive for Business sync tools, classic vs modern and you will get unsure exactly what sizes to recommend to a client. So, I decided to do some testing with various large dummy file sizes around what I was reading the limitations to be. The results were close to Microsoft’s article, but with a very interesting caveat .
There are a few factors when you want to know max file sizes:
Lets admit that migration of any sort is a pain and migrating something to the cloud for the first time is always challenging. I have been going through this for quite some time and finally had the chance to play with Azure Migrate and it has been a good experience overall.
If you plan to go to Azure you will have 2 choices for your current environment:
The Azure Migrate service assesses on-premises workloads for migration to Azure. The service assesses the migration suitability of on-premises machines, performs performance-based sizing, and provides cost estimations for running on-premises machines in Azure. If you’re contemplating lift-and-shift migrations, or are in the early assessment stages of migration, this service is for you. After the assessment, you can use services such as Azure Site Recovery and Azure Database Migration Service, to migrate the machines to Azure.
Why use Azure Migrate?
Azure Migrate helps you to:
I recently created a Microsoft Office 365 development environment via https://aka.ms/offdp
I was creating an environment to do some SharePoint Modern theming (I created a new Communication Site via the modern Admin interface on my new tenant), but noticed the classic (rather the older) Change the Look interface: