RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
SQL Q&A from SQL Server & Azure SQL Conference Fall 2021
Back in Las Vegas and in person, this is the Q&A session from the SQL Server & Azure SQL Conference in December 2021.
Bob Ward, Anna Hoffman, Buck Woody, Bradley Ball, Tim Chapman, Pedro Lopes, and a host of other great SQL speakers fielded questions from an audience of database professionals and developers - and the questions are wide-ranging!
Getting a Security Audit with Paula Januszkiewicz
What's a security audit, and why do you need one? Richard talks to Paula Januszkiewicz about auditing security, technical reviews, and so-called penetration testing. Paula talks about needing outside experts who focus on the scope of exploits out in the world today to help make sure all aspects of your company's systems are reasonably secure - there is no such thing as perfect security! The conversation gets into the details around finding a good auditor, what to expect from them, and what they will expect from you - a good security audit takes time, and is a conversation!
Getting Certificates Right using Intune with Richard Hicks
Getting your Public Key Infrastructure right can be tricky - and getting wrong can be very bad. Richard talks to Richard Hicks about the right way to go about setting up and operating a PKI infrastructure in your organization. Different from the public certificates you use for websites and servers, Richard focuses on how to use certificates to authenticate and authorize users and devices. Tools like Intune and Autopilot can help you get certificates out to devices and users, as well as bootstrap new equipment security into your infrastructure. There's a lot to learn!
DevSecOps in 2022 with Jess Dodson
2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed!
IT in 2022
Happy holidays! Another year, another set of predictions around the life of IT Pros – now in 2022! The pandemic continues to evolve, with new variants appearing and vaccination levels getting high. Will the pandemic still be a significant factor next year? What about back-to-work plans? Or is working-from-home the new normal? The past year was tough on the security side of things with notable ransomware and business-email-compromise attacks – are you prepared? What will we be doing differently in the next year? And how did Richard's predictions from last year stand up to reality? Thanks again for listening!
Hybrid Identity with Sonia Cuff
Does your organization need hybrid identities? Richard talks to Sonia Cuff about Hybrid Active Directory, connecting your on-premises Active Directory infrastructure to M365 and Azure. There's essentially no choice in larger organizations - too many identities and applications exist that replicating identities would be a huge problem. But what about a small organization? Sonia talks about folks living in the Small Business Server and Windows Essential worlds that really could make a go of moving entirely in the cloud without hybrid - but it all comes down to applications that the organization needs. The conversation also digs into modern identity using password managers and authenticators - even going passwordless!
Unnecessary these days
I'm rating this a 5 bc I really enjoy it. But please be more careful.
"...but see what you did is you just granted access to the Corporate Gal because that's your context, to some random app on the app store..."
I realize that we don't always 'assume' when someone is talking about their doctor or their home renovation contractor that they are talking about a woman. It is *awesome* when someone does assume the person is the 'unexpected gender' like Jonathan Strickland over at TechSTuff podcast often does. Let's not continue the stereotype that the Corporate Gal is the one leaking our data or installing something bad. Maybe she is! But challenging the assumption is better -- and, especially today in the tech world with so few women and such a desperate need for more of them, we deserve it.
Ransomware episode #758
Very good episode my employer was hit when they were in worse of time business wise. Almost brought tears into my eyes. We were out commission for 28 +!days.
We paid handsome amount. Now coming to tech. point. all old servers which were our legacy DB (not MSSQL) on windows 2012 but no one connect to them directly just via tcpip connection were totally safest. No ransomwere was able hurt them. On the other hand everything else was trashed.
Plus all Linux based machine were safe too.
Anyway, good episode all IT people should listen to it.
Because of ransomwere I stopped switching to IT security field. Too much pressure.
Only 20 episodes?
The RSS feed for RunAs Radio podcast only has the last 20 episodes?