RunAs Radio

How does your organization respond to incidents? While at NDC Porto, Richard chatted with Mandi Walls about her experiences with different incidents, from corrupted files to data center failures. Mandi talks about detecting and determining the scope of an incident, whether it is specific to a customer (or group of customers), or possibly system wide. The conversation ranges over external attacks, bad software updates, unique configuration problems, and more. Keeping good records during the incident helps clean up after the event and provides for an effective retrospective.LinksPagerDutyRecorded October 17, 2024

How do you test your database? While at NDC Porto, Richard chatted with Dan Mallott about building unit tests for transactional databases like SQL Server. Dan talks about using testing frameworks constructed for the purpose, like TSQL-T, to make it easier to test individual database elements, from stored procedures to column constraints. The conversation digs into the challenges around testing, tolerating the changes to the database, and tweaking how you write your T-SQL code to be more testable. But the power of getting database tests into your CI/CD pipeline is enormous - catch more problems in testing before they become problems in production!LinkstsqltDbFitRecorded October 17, 2024

What's happening with SQL Server Management Studio? Richard chats with Erin Stellato, now at Microsoft, about the big jump coming for SSMS. Erin talks about how folks felt SSMS was a bit neglected when the reality is that there was a push to catch up with its parent codebase in Visual Studio. However, the next version of SSMS makes that jump, which opens the door to some excellent extension models. The conversation dives into the role of the Copilots in SQL Server through SSMS - helping you understand databases, write queries, and diagnose problems - eventually!LinksSQL Server Management StudioAzure SQL DatabaseSQL Server Integration ServicesSQL Server Data ToolsSQL FormatterRecorded September 26, 2024

Aidan Finn, an Azure MVP and principal consultant with InnoFactor Norway, dives into the world of Software-Defined Networking within Azure. He discusses the key differences between Azure Firewall SKUs and shares best practices for configuration. Aidan highlights the importance of user feedback in shaping security features and addresses the challenges of cloud migration, advocating for modern security approaches. He also emphasizes the benefits of software-defined networking, making Azure Firewall accessible through abundant educational resources.

In this engaging discussion, Aria Hanson, a program manager at Microsoft specializing in Windows updates, shares insights on managing updates for ARM devices like the new Snapdragon Copilot+ PCs. She highlights the seamless integration of ARM in the Windows update process and the impressive battery life advantages. The conversation dives into the various channels of the Windows Insider program and touches on the significance of ARM architecture for efficiency and security. Expect a peek into the future of AI-driven PCs and their benefits over traditional workstations!

How can you secure your company information with Azure Virtual Desktop? Richard talks to Jim Duffy about his work helping companies comply with NIST SP 800-171 security standards. These are the new standards required for Department of Defense contracting - including all subcontractors and suppliers. The security standard is thorough, with over 100 requirements. And you have to be audited to show that you comply! Even if you don't work with the government, the NIST security standard is excellent, and Jim talks about how you can use AVD to create a secure enclave for protecting data. And if you need help complying with NIST 800-171, Island Systems can help!LinksAzure Virtual DesktopNIST SP 800-171 Rev 3Secure Future InitiativeIsland SystemsRecorded August 12, 2024

Paula Januszkiewicz, founder of Secure Academy, shares her cybersecurity expertise, encouraging proactive vulnerability assessments. She highlights common oversights organizations make, particularly with PKI servers. The discussion delves into effective penetration testing tools while warning about the risks of unreliable sources. Paula emphasizes the need for ethical considerations in cybersecurity, balancing automated methods with manual assessments. She also touches on the importance of security awareness and services like 'Have I Been Pwned' to help prevent breaches.

Doug Finke, a 15-time Microsoft MVP and author of "PowerShell for Developers," shares his insights on leveraging OpenAI tools like ChatGPT and GitHub Copilot to enhance PowerShell scripting. He discusses how incorporating the OpenAI API into PowerShell scripts can create conversational interfaces, making scripts more user-friendly. Doug highlights productivity gains, automating tasks, and exploring new features. The integration of AI tools promises to transform coding workflows, improving accessibility and support for developers at all levels.

Microsoft 365 Data Governance has always been critical - but it's only getting more important! Richard talks to Nikki Chapple about her experiences working with companies trying to get their "data estate in order." That phrase is what Microsoft recommends before turning on tools like Copilot for M365. Nikki talks about how hard the goal of data security is - that it is just as tricky as any other security goal. Data security is an endless process that needs refining and work on routinely as new data and classes of data arrive in the organization. In the meantime, users are taking advantage of LLMs like ChatGPT for their work whether we want them to or not - so there is a need to act quickly to provide secure capabilities!LinksData. Privacy, and Security for Microsoft Copilot for M365Exabeam Business Rewards vs Security Risks ReportMicrosoft 2024 Work Trend Index ReportMicrosoft Purview Data Security and Compliance Protections for Generative AI AppsMicrosoft Copilot Studio for M365Entra Entitlement ManagementShareable Links in OneDrive and SharePoint in M365Nikki's M365 Governance BlogAll Things M365 Governance on YouTubeRecorded August 16, 2024

Orin Thomas, a Principal Cloud Operations Advocate at Microsoft and author of multiple books on Microsoft technologies, shares insights on Windows Server 2025's impact on Active Directory. He discusses key improvements, like the retirement of NTLM and the importance of upgrading to at least Server 2016 functional level for new security features. Orin also explores innovative certification practices, emphasizing hands-on evaluations that reflect real-world skills. Tune in for a deep dive into modernizing IT infrastructure and enhancing security!