RunAs Radio

How do you build sustainable PowerShell? By testing it! Richard talks to Adam Bertram about his work with Pester, the testing library for PowerShell. Adam talks about building mature PowerShell scripts, that is, scripts you're willing to share with others. As those scripts become important parts of your application deployment process, they end up in source control and need to be tested before being run. That's where Pester comes in. And Pester does more than just test your scripts, it can test your infrastructure as well!

How do you get identity into the cloud? Richard talks to Joey Snow about his role helping folks with Azure Active Directory. Azure AD is more than just extending your on-premises Active Directory into the cloud, it provides single-sign-on to a variety of SaaS applications, and not just Microsoft ones either! Joey talks about the different techniques available to get and protect identities with the cloud, including multi-factor authentication, Azure Identity Protection and more. There are lots of options to choose from, but there is an identity solution that will work for you - check it out!

DMA vulnerabilities have been around for ten years - are your machines in danger? Richard talks to Sami Laiho about his experiences trying to close the exploit that is Direct Memory Access. This technology for rapid data transfer has been available for years with FireWire and Thunderbolt, and now exists in USB 3.1 as well. The problem is that it has been two-way memory access, so connecting two machines together via FireWire can allow the attacking machine to steal any memory it wants, like your BitLocker encryption key. Only in Windows 10 are we starting to see protection in place, and there's more to come. Scary stuff!

How can automation help you? Richard chats with Jennelle Crothers about her work automating tasks with Azure. So what does automation mean to you? Jennelle talks about automating the delivery of resources to internal developers - whether that be on-premise or in the cloud. This is part of a DevOps practice, being able to use templates so that development is using resources configured as close to production as possible. Automation also applies to testing, deployment, instrumentation, disaster recovery and more. Will IT ever run out of work? Not a chance - there's always more to do!

Can Group Policy help protect your user's machines? Definitely! Richard chats with Jeremy Moskowitz about his on-going work with group policy, including his cool tool, PolicyPak. Jeremy talks about applying least privilege principles via Group Policy, including a case of a patch from June 2016 that may have broken some of your group policies because the machine that has to apply them doesn't have sufficient privileges! Other important least privilege aspects discussed include better management of local admin accounts, control over who actually makes and changes group policy, and how to deal with users who want to install apps. Lots to learn!

What's the Delivery Pipeline and why should you care? Richard chats with Steven Murawaski about his work at Chef, helping organizations get more effective at delivering software. Steven talks about how the latest generation of platform tools such as containers, that while helping to automate the delivery of software, are not a panacea that eliminates all the challenges of said software. You still have to take the time to get your automation right and deeply understand the value of being able to rapid-fire deploy. When you go faster, things get better!

How do you get started in data science? Richard chats with long time data scientist Rafal Lukawiecki about practical data science. Rafal starts out focusing on the most common data science scenarios - understanding your customer and their needs. This goal is more complicated than it appears, often the questions first asked are not the questions you'll actually need answers to. But asking them is important since it leads to information that will influence the next round of questions. The cloud has made it easier than ever to dive into data science, but the principals are still the same: This is a science, after all!

Johan is back, and still doing deployment right! Richard talks to Johan Arwidmark about best practices and clear thinking around deployment. Johsan starts out with the idea that with the speed of updates coming these days, you really need to have a good lab. While it's awesome to test on native client hardware, it's not always possible - but testing in VMs is still a good idea! The conversation also goes to the need for caching of updates with WSUS and Configuration Manager - the network is the constrained resource and updates are only getting larger!

The oil and gas industry is in the cloud! Richard chats with John Paul Cook about his work bringing various Azure technologies to bear on the oil and gas industry. Contrary to popular belief, the oil and gas industry loves software and has embraced the cloud to increase efficiency. John talks about utilizing various Azure products to do data collection, including the IoT Hub. But the fun really starts when you get into the analysis side, using stream analytics to capture data in real time and react to it, as well as analysis tools to understand the data more deeply. Cool stuff!

Stephen Rose is back and in a new role! Richard chats with Stephen about his work on OneDrive for Business, which is one of the great cloud-enabling products out there today. Stephen talks about the automation in OneDrive for Business with Office 365 that gets rid of big email attachments, instead automatically embedding a link to the file into the email - the file itself lives in OneDrive for Business the whole time! The conversation also turns to the sophisticated security models available through the cloud with OneDrive for Business, that focus on preventative behaviors, not just reactionary. File storage has never been more interesting!