Posts from 2020

Managing Windows 10 Updates using Microsoft Intune

Richard Green on 1st April 2020

Previously, we wrote about using Azure Update Management to perform Software Updates on Windows Server-based systems but what about Windows 10. In this article, we will explore Managing Windows 10 Updates using Microsoft Intune.

In on-premises environments, we use solutions like Windows Server Updates Services (WSUS), System Center Configuration Manager (SCCM), or Microsoft Endpoint Manager. Yes, you can continue to use SCCM and Endpoint Manager with their Cloud Attach Co-Management features, however, what about if you have a cloud-native environment? What about if you have an environment where users are using non-domain joined devices?

Securing Passwords with Azure AD Password Protection

Richard Green on 22nd February 2020

Organisations define password policies to ensure that their users are not setting weak passwords that can be easily compromised. In this article, we explore securing passwords with Azure AD Password Protection and whether it can help make you more secure but also easier on your users.

Traditional password policies in Active Directory rely on basic filters to determine the number of characters and type of characters including numbers, letters, and symbols. On face value these policies may seem secure, however, are these policies actually causing the problem and much weaker than you think?

Manage Software Updates with Azure Update Management

Richard Green on 16th February 2020

The answer is Azure Update Management so what is the problem we are trying to solve? At Arcible, we have some on-premises servers. To keep safe, secure, and compliant, these servers need patching just like any other server does. Our environment is small and not big enough to justify a Microsoft Endpoint Manager (formerly Configuration Manager) deployment and Windows Server Updates Services (WSUS) is too painful and manual to manage.

So if we aren’t using Microsoft Endpoint Manager or WSUS, what do we do? We want a solution that’s automated to reduce the admin overhead but while being lightweight and not costing much.

Is Your Physical Security Exposing Your Information Security

Richard Green on 12th February 2020

Last week I stumbled across a rather interesting set of videos on YouTube by a presenter called Deviant Ollam (https://www.youtube.com/results?search_query=deviant+ollam+physical+security). Deviant Ollam is a physical security penetration tester in the US and runs a company doing just that: trying to gain access to places he shouldn’t. We’re not talking black hat breaking in activity here but we are talking about white hat: doing these things paid for by the client to test their physical security.

What I found watching some of these videos was startling. Yes, some of the content is a little bit US-centric and perhaps doesn’t apply to the UK, however, it really got me thinking about a question. As IT, we spend all this time and money investing in information security, event logging, event monitoring, alerting, and more. If the physical security of our premises, however, is so easily bypassed, are we just making it too easy for would-be attackers.

The New Microsoft Edge Stable Release

Richard Green on 31st January 2020

Earlier this month, Microsoft made the new Microsoft Edge Stable release of its new, Chromium engine based, Microsoft Edge browser available. We’ve been using this new browser, at Arcible, in its early forms for quite a while now and with the stable release now available, that means it’s ready for adoption by end-users.