Happy New Year!

Published On: 2021-01-01By:

Happy New Year!!

Looking back at my Happy New Year! post from the start of 2020, I of course, didn’t realize the brute force of the global pandemic that was about to hit.  Even with the dumpster fire that was 2020, good things still occurred even in the midst of the world burning.  Babies were born.  Relationships started.  New doors opened with new opportunities and the list continues.  2020 is behind us now and in the review mirror.  Let’s focus on making 2021 a vast improvement from 2020.

With that said, I’m going to repeat my thoughts for the new year.  They are still valid and hold true.

Here are some thoughts for the new year:

  • Don’t wait to start that project.  Some day never comes around.
  • You are perfect the way you are.  However, if you want to get healthy, know that you aren’t alone.  You got this.
  • Tell those people close to you how you feel about them.  Tomorrow may not come for some.
  • Tell your kids (fur babies count too!) that you love them as often as you can.  My kids hear it from as often as I can.
  • Finally, be kind to each other.  The world is harsh enough as it is without us beating each other up.

See the source image

Hopefully this post comes at a time where we see the Covid vaccine rolling out to the masses.  Until then, keep wearing a mask and stay safe out there.

Peace.

© 2021 – 2020, John Morehouse. All rights reserved.

The post Happy New Year! first appeared on John Morehouse.

Contact the Author | Contact DCAC

501c3 Orgs Can Get Some Office 365 Licenses For Free

Published On: 2020-12-30By:

Yep, you read that headline correctly. Microsoft is making some Business Premium Office 365 licenses as well as some Business Basic Office 365 licenses available to US-Based 501c3 non-profit organizations, for free.

Free on a Calculator
Photo by Credit Score Blog

There’s a few steps to get these licenses.

The first step is to setup an Office 365 / Azure tenant for the nonprofit via

The second step is to register with Microsoft as a nonprofit. Once approved as a nonprofit, the licenses can be provisioned for you.

The third step is to contact DCAC (or another CSP, but we prefer if you go through DCAC) to provision your free Office 365 licenses. There will be some paperwork to sign to get the license setup, but it’s done quickly and easily through DocuSign.

That’s it, once the licenses are assigned you can setup everything that’s needed to move your email domain to Office 365.

If you are a 501c3 and are looking for an email solution, follow these three steps and you’ll be good to go.

Denny

Contact the Author | Contact DCAC

Things that a User Group needs to do before PASS Goes Dark

Published On: By:

If you are a SQL Saturday, User Group or Virtual Group PASS Chapter Leader, this is for you.

A person using a laptop with a women in the background.

As we all know PASS goes dark on January 15, 2021. Here are some things that you need to do BEFORE January 15, 2021 (like now, not on January 14, 2021).

  • User Groups / Virtual Chapters
    • Setup a new webpage somewhere (SQL UGS and the Microsoft Survey (which will include Meetup Pro) are great options)
    • Use the PASS emailing features to email your members about your new group’s homepage and tell people to sign up as you won’t be able to use the PASS email process after Jan 15, 2021
    • If your Twitter account is tied to a pass.org email address, change the email address
    • If your User Group email address is @pass.org you’ll want to create a new email address for it at Gmail, Hotmail, Outlook.com, etc.
    • Review callfordataspeakers.com and get signed up to help find speakers
    • If using PASS licenses for GoToMeeting or GoToWebinar you’ll need another way to hold your virtual meetings. Microsoft has a free Teams offer
    • If your User Group is registered as a 501c3 then you can get some free Office 365 licenses gifted from Microsoft. Contact Denny for more information (it’s a few step process that I’ll outline in a blog post later)
  • SQL Saturday Organizers
    • Download your registration lists from sqlsaturday.com
    • Download your sponsor contacts from sqlsaturday.com
    • Review DataSaturdays.com and see if this is a good fit for future events
    • Review callfordataspeakers.com and get signed up to help find speakers

A new non-profit (pending US IRS approval) community organization is being set up. The new organization is in the very early stages at the moment and we’re trying to get the word out to all the PASS members that a new org is being set up. The goal of this new organization is to handle legal matters, licensing, and to give sponsors a single point of contact to reach everyone. We’re envisioning that this new organization will be a very lightweight organization designed to handle the legal needs that come up, licensing of the Intellectual Property for the organization to the user groups, and a single point of contact for sponsors to work through.

At the moment the organization is simply collecting contact information for people that want to get more information once the organization is set up. The website that is set up is www.daug.io. Please ask people to submit their information there.

A summary of the URLs talked about here.

There’s a history of PASS and SQL Saturday and most/all the events that have been run under those names at:

More information will be coming about the Data and Analytics User Group in the future.

Denny

Contact the Author | Contact DCAC

Using an MSP Requires Trusting your MSP

Published On: 2020-12-28By:
A person using a laptop with a women in the background.

Recently there was news of another suspect breach of IT systems. This time the attack vector was via the Managed Service Providers (MSPs) that resell Office 365 licenses. Having an MSP that is going to help you manage your Azure or Office 365 environment requires having a lot of trust in the security systems that your MSP has put in place to ensure that the access to your environment that you have given to the MSP can’t be exploited by either an employee at the MSP, or by an unknown actor that compromised the MSP.

From a technical perspective, this requires that there are a few things in place. This includes Multi-Factor Authentication (MFA) as well as some sort of Just In Time (JIT) process.

Multi-Factor Authentication (MFA)

MFA involves using a third method for authentication. Normal authentication (and username and password) requires two pieces of information, both of which you know. Because these are things that are pieces that you know and are typed in, and they are the same every time, they can be copied. Multi-Factor Authentication introduces a third step to this, instead of being something that you know, it requires something that you have. In most cases a phone (either a landline or a cell phone, usually a cell phone). The cell phone either gets a text message, or it has an application installed on it which Azure Active Directory sends a push message to, and which then prompts you to approve the authentication, and this only happens after the username and password is entered successfully.

Having an MSP which manages your Office 365 environment involves giving the MSP access to your systems. Lots of MSPs request that you give a single account which all their staff uses access. This is a horrible idea as there’s no way to have multiple phones setup for MFA. Access should be granted to the accounts that each member of the MSP that would be managing the environment uses. While this does involve setting up more users with guest access into your environment it does mean that the users can have MFA setup on their accounts.

Just In Time (JIT) Access

In addition to having MFA setup, people shouldn’t be granted the Global Admin right, or any other admin rights within the Office 365 environment. People should have to request access to do the task witch they are going to perform. Once that access is granted those rights are taken away.

Even though the person requesting the access should have it, they don’t need to have it all the time. The fact that they are doing something should be logged somewhere; which involves the person that needs access requesting the access, so that the request can be logged; all while the person’s account is protected using MFA.

Everyone Should Have MFA Enabled

In order to protect against these attacks (and other attacks) everyone at MSPs (and when possible everyone) should have MFA enabled on their accounts. Having MFAs prevents at attacker from getting access to a users account, even if the password is compromised as the attack doesn’t have access to the users MFA device (such as their cell phone).

DCAC Does Exactly That

When DCAC does management of customers Azure and/or Office 365 platforms we always do what was described above. By default we have MFA enabled on all our accounts, no matter what the customer’s security requirements are.

We also pitch JIT to customers so that it is up to our customers as to weather they want us to use a JIT process to gain access to their environment. Some do and some don’t. Those that do, we can either configure the JIT process that it available through Active Active Directory P2 license, or we can build a custom JIT process. Which one we configure depends on what sort of permissions the user wants to give the DCAC team within their environment.

If you’d be interested in DCAC helping you manage your environments please contact our sales team and we can get the process started, securely right away.

Denny

Contact the Author | Contact DCAC
1 2 3 481

Video

Globally Recognized Expertise

As Microsoft MVP’s and Partners as well as VMware experts, we are summoned by companies all over the world to fine-tune and problem-solve the most difficult architecture, infrastructure and network challenges.

And sometimes we’re asked to share what we did, at events like Microsoft’s PASS Summit 2015.

Awards & Certifications

Microsoft Partner   Denny Cherry & Associates Consulting LLC BBB Business Review    Microsoft MVP    Microsoft Certified Master VMWare vExpert
INC 5000 Award for 2020    American Business Awards People's Choice    American Business Awards Gold Award    American Business Awards Silver Award    FT Americas’ Fastest Growing Companies 2020   
Best Full-Service Cloud Technology Consulting Company       Insights Sccess Award    Technology Headlines Award    Golden Bridge Gold Award    CIO Review Top 20 Azure Solutions Providers
Share via
Copy link