RunAs Radio

Can Group Policy help protect your user's machines? Definitely! Richard chats with Jeremy Moskowitz about his on-going work with group policy, including his cool tool, PolicyPak. Jeremy talks about applying least privilege principles via Group Policy, including a case of a patch from June 2016 that may have broken some of your group policies because the machine that has to apply them doesn't have sufficient privileges! Other important least privilege aspects discussed include better management of local admin accounts, control over who actually makes and changes group policy, and how to deal with users who want to install apps. Lots to learn!

What's the Delivery Pipeline and why should you care? Richard chats with Steven Murawaski about his work at Chef, helping organizations get more effective at delivering software. Steven talks about how the latest generation of platform tools such as containers, that while helping to automate the delivery of software, are not a panacea that eliminates all the challenges of said software. You still have to take the time to get your automation right and deeply understand the value of being able to rapid-fire deploy. When you go faster, things get better!

How do you get started in data science? Richard chats with long time data scientist Rafal Lukawiecki about practical data science. Rafal starts out focusing on the most common data science scenarios - understanding your customer and their needs. This goal is more complicated than it appears, often the questions first asked are not the questions you'll actually need answers to. But asking them is important since it leads to information that will influence the next round of questions. The cloud has made it easier than ever to dive into data science, but the principals are still the same: This is a science, after all!

Johan is back, and still doing deployment right! Richard talks to Johan Arwidmark about best practices and clear thinking around deployment. Johsan starts out with the idea that with the speed of updates coming these days, you really need to have a good lab. While it's awesome to test on native client hardware, it's not always possible - but testing in VMs is still a good idea! The conversation also goes to the need for caching of updates with WSUS and Configuration Manager - the network is the constrained resource and updates are only getting larger!

The oil and gas industry is in the cloud! Richard chats with John Paul Cook about his work bringing various Azure technologies to bear on the oil and gas industry. Contrary to popular belief, the oil and gas industry loves software and has embraced the cloud to increase efficiency. John talks about utilizing various Azure products to do data collection, including the IoT Hub. But the fun really starts when you get into the analysis side, using stream analytics to capture data in real time and react to it, as well as analysis tools to understand the data more deeply. Cool stuff!

Stephen Rose is back and in a new role! Richard chats with Stephen about his work on OneDrive for Business, which is one of the great cloud-enabling products out there today. Stephen talks about the automation in OneDrive for Business with Office 365 that gets rid of big email attachments, instead automatically embedding a link to the file into the email - the file itself lives in OneDrive for Business the whole time! The conversation also turns to the sophisticated security models available through the cloud with OneDrive for Business, that focus on preventative behaviors, not just reactionary. File storage has never been more interesting!

PowerShell? On Linux? Why would you DO that? Richard chats with Tim Warner about the recent announcements around making PowerShell open source and available on Linux and Mac OS. What does this mean? The Linux world has been script-driven since it was Unix, so does PowerShell make any sense? Tim talks about coming up with common ways to manage both Windows and Linux machines, and where PowerShell adds some interesting capabilities by being far more object-oriented than text-file-oriented. It's still early days, and there's only an alpha version on GitHub to experiment with, but it looks to be interesting times in the future!

It's 2017, do you know where your config manager is? Richard chats with Microsoft PFE Steven Rachui about his experiences helping companies manage substantial System Center Configuration Manager infrastructure. With the 2016 edition, the ability to handle rapid updates to Windows 10 is key and introduces the concept of Current Branch, as opposed to going with a more conservative stable edition of Windows. The conversation around non-Windows mobile device management focuses on using a hybrid mode to work with Microsoft InTune, but there does look to be a future of on-premise solutions as well. Lots to think about!

Are your noSQL stores safe? While at NDC London, Richard chatted with Niall Merrigan about the latest wave of exploits targeting MongoDB, ElasticSearch and others. As Niall explains, the challenge is that the default security models for many of these products leaves them vulnerable to outside attack. As these attacks have progressed, they have presented themselves as ransomware - data is removed and a bitcoin account offered up to restore the data. However, to date, even when the ransoms are paid, no data is restored. Apparently there is no honor among thieves. Now is a great time to review your security vulnerabilities, and Niall suggests looking at your systems the same way hackers do, through tools like Shodan. Give yourself a security checkup!

Of course you can scale in the cloud - but exactly how? Richard chats with Corey Sanders who goes on a whirlwind tour of the many options in Azure to help your applications be reliable and scalable. First up is a discussion on Virtual Machines and Scale Sets - rather than making separate VMs for every instance of your application, you can build them in blocks up to a thousand! After discussing the kind of problems that need a thousand of anything, Corey dives into Service Fabric and Containers, getting more fine-grained and lighter weight so that you can scale faster. And it works with existing applications as well, opening the door to moving what you have today to the cloud!