RunAs Radio

How much administration do you need? Richard chats with Tech Fellow and Father-of-PowerShell Jeffrey Snover about Just Enough Administration (JEA). The goal of JEA is to get administrators to stop living in admin accounts, to operate day-to-day with regular domain accounts and only escalate up to admin for a specific task, typically written in PowerShell. Jeffrey talks about creating a "break glass in emergency" account that is the superadmin, only to be used when there's no other way to do something. This account should be heavily logged and scrutinized, so that root cause analysis can extract the needs for the event and create more automation and security granularity around it. JEA works on Server 2008R2 and above, and will be built into Server 2016!

How do you know your systems are compliant with security and industry standards like CIS, SOX, HIIPA, PCI and so on? Chef evangelist Jessica DeVita talks to Richard about the free Chef compliance tools that can help you understand where your systems are exposed and help get you into a compliant state - and stay there. If your only check of compliance is an audit, things are going to be rough. Audits are just spotchecks, not comprehensive evaluations, and it takes time to get things into order. Having a system that can continuously check compliance state, even as code is being written, makes life much, much simpler. Check it out!

How do you manage your infrastructure like its code? Enter the release pipeline! Richard chats with Steven Murawski and Michael Greene about their recent white paper on the Release Pipeline Model. The conversation digs into the stages of developing and management configuration-as-code, including source code management, building, testing and deploying. There's a ton of tooling around each of these aspects, what you choose is very personal - and it makes sense to use what you already have onsite. Michael and Steven also dig into crisis management - taking advantage of the pipeline to respond more effectively when there are problems, and to help make sure those problems never happen again!

Ransomware is in the news, but do you know what to do about it? Richard talks to Paula Januskiewicz about how ransomware works and what you can do to prevent an attack, and how to clean up after one. An awful lot of the power of ransomware is blunted by having a good backup strategy - one that you actually know how to restore from. Paula also talks about running your workstations in a whitelist configuration, where only a known good list of software can run. There are tools built into Windows that can help you there. At the same time, having good communication between IT and users helps - sometimes the reason a computer is slow is that it is encrypting everything, and reporting that to IT gives you a chance to get a jump on the malware!

What's the state of DevOps coming into 2016? Richard chats with Gene Kim, one of the godfathers of the DevOps movement, about what he's seen over the past year and how DevOps is evolving into "the way we build and operate software." Gene talks about getting management more involved in the DevOps process, recognizing that when software is built and operated in a rapidly iterating model, the way that software is sold and utilized changes as well. More and more Gene can see that DevOps is not just about the unicorn companies, but about what every business can do to build and operate better software. Have a listen!

What is coming in SQL Server 2016? Richard chats with Brent Ozar about his thoughts on the upcoming version of SQL Server. The conversation digs into how the cloud is impacting SQL Server - features like Query Store were available first in the cloud are now showing up in this new on-premise edition! Speaking of Query Store, who wouldn't want a record of query plans so you can find out exactly why a query in production took a long time? Brent discusses other features including the stretch table to azure, always encrypted, row level security... the list goes on! The question is, when do we get this great version?

Does the cloud represent the end of the world for ISPs? Hardly, according to Barnaby Jeans. Barnaby and Richard chat about how service providing is still an important part of the equation for many customers, but the workloads are evolving. Microsoft has a Cloud Solution Provider Program to help ISPs utilize features of Azure and Office 365 as part of their overall offering. Every service provider has some unique element to their own product line up, and Azure can be used to augment or expand that offering. Looking the other way, there are opportunities for consultants to offer services in the form of Azure and Office 365 as well - take a look!

How do you diagnose performance problems in Windows? Richard chats with Microsoft Senior Premier Field Engineer Clint Huffman about the tooling he builds and use to get Windows running as fast as possible. The conversation starts out with a bit of a digression around Clint's efforts to get his Surface RT devices running fast - using the same techniques he uses everywhere! A huge long list of links in the show notes reflect all the different tools available for free to tune Windows - including Clint's own brand new ICU (Clue) Tool. Take it out for a spin!

Is the cloud really secure? Richard chats with Orin Thomas about his work developing a doctoral thesis on cloud security. Recognizing that security at this level is less about products and more about principles, Orin digs into thoughts around encryption, physical security, breach identification and more. Inevitably there are some references to particular tools like the Azure Key Vault, but the challenge is in evaluating a technology in the context of a broader principle. Lots of great thinking about security!

How do you host Linux in the cloud? Richard talks to Tim Warner about his experience managing Linux instances in Azure. According to Microsoft, about 25% of Azure's VMs are Linux! Tim focuses on the key issue of working with Linux, which is getting familiar with the command line approach of management. Sure, there are GUIs for Linux, but it's all about the command line. The CLI is becoming central to Windows server management as well, and Tim talks about setting up tooling for managing both from the command line. Development on Linux is a common practice in the open source world and becoming an important supported platform in the Microsoft space - dive in!