What Do You Do When A Vendor Changes Their Terms of Service?
I’ll ask the question, what do you do when one of your vendors changes their terms of service? What happens when things become more restrictive than what they used to be? As an organization, do you simply change vendors or do your users have to change their behavior?
These days its all about the cloud, cloud this, cloud that, everything is in the cloud. But as a practical matter you still have to migrate from one vendor to another and that is not easy, especially the more users \ seats that have to be moved from one service to another. There are both internal, and if necessary external, resources that need to be queued up for the actual migration project and let’s not forget about downtime as you move from one service to another. Oh yeah, what if the users discover that they don’t like the new service as much as they liked the old one?
This last point feeds into user behavior. If you can’t \ won’t change vendors, can you change user behavior? That is not a technical question, that is an organizational \ management question that only they can answer. The vendor has changed their terms of service and your people cannot do the same things with the app \ service as they have in the past because the vendor is restricting more & more and their reason is, “protection of their customers.” How, as a technical manager in your organization do you convince managers & users alike that they cannot use the app \ service now like they used to use it in the past? One harsh but effective way is for the user’s account to get locked out for a certain period of time if that user violates the “updated” terms of service (this happens automatically through the vendor; you don’t have anything to do on your end). After a few lockouts managers start to realize that hey, we have to do thing differently now (I believe that is called an epiphany). Kathy Kountze put it best at the Interop19 technology conference, “Human nature does not gravitate to change."
- Rob Hiltbrand
Rob's Thoughts
Welcome to my blog. I am an opinionated person and having this blog simply allows me to express more thoughts about the world that we live in.
Thursday, June 06, 2019
Thursday, August 02, 2018
Social Media Platforms
Let's get one thing straight, social media platforms are owned by private companies who can do whatever they want on those platforms. If they want to remove content or shadow ban a user, guess what, they can. Why? Because they are privately owned companies. People have got to get over the thought that content should never be blocked because it can & will be. Twitter can & will shadow ban users. Facebook can & will take down videos. Spotify can & will remove users. Why? Because they can, these platforms are private entities. Congressmen, private citizens & business people need to get over the idea that they have a right to post something on social media. They don't have a right because they don't own the platform. And in the future were are only going to see more of this sort of thing (not less).
- Rob
- Rob
Thursday, May 31, 2018
Maybe syncing Active Directory to your hosted email is not such a good idea...
Maybe syncing your on-premises Microsoft Active Directory to your hosted email provider is not such a good idea. This statement might be provocative but let me explain.
Separation of duties, that is my reason. If your on-premises AD gets compromised and you are syncing the directory with your email provider then all of those mailboxes also get compromised. So why not separate the two (2) environments? Don't let what happens to one environment affect the other. My personal philosophy is to have these two (2) environments completely separate, that way if anything happens to one, it won't affect the other.
A few years ago Saudi Aramco's internal network was attacked with the result being that digital operations world-wide came to a halt including email. I don't want that to happen to my organization. So even if my internal network grinds to a halt, email will still flow and customer communications won't be affected by my on-premises systems.
Rob
Separation of duties, that is my reason. If your on-premises AD gets compromised and you are syncing the directory with your email provider then all of those mailboxes also get compromised. So why not separate the two (2) environments? Don't let what happens to one environment affect the other. My personal philosophy is to have these two (2) environments completely separate, that way if anything happens to one, it won't affect the other.
A few years ago Saudi Aramco's internal network was attacked with the result being that digital operations world-wide came to a halt including email. I don't want that to happen to my organization. So even if my internal network grinds to a halt, email will still flow and customer communications won't be affected by my on-premises systems.
Rob
Thursday, May 10, 2018
All Those Different Web Browsers
Because of the nature of what I do for a living, I work from a laptop with a very large external display. So working this way I get to use a traditional web browser, in my case actually I use four (4) of them to manage the various cloud services that I'm responsible for. The fact that I can't find one that does everything that I need is frustrating. Chrome is the gold standard but it does eat up resources on your system (go and check Task Manager and the running processes to see what I'm talking about). There is Microsoft's Edge browser but only for those users on Windows 10 (which I am). I can't believe how many times I run into problems with Edge, especially when it comes to sites associated with Microsoft or with services that are built upon Microsoft technologies & platforms. How is that even possible? Do the folks on the Edge team not talk to other departments? Again, how is that even possible? I also use Mozilla's Firefox product (I'm writing this post using it) which recently has improved itself. And then there is good old Internet Explorer. There are many, many sites that both myself and the users I support that IE works best for. I will close this post by saying that as more & more work of technologists (like me) is done "in the Cloud" the need for a stable, robust web browser is essential and Google's Chrome browser is my product of choice.
P.S.
Remember there is no Cloud, your data is just located on someone else's computer!
P.S.
Remember there is no Cloud, your data is just located on someone else's computer!
Friday, March 02, 2018
How Microsoft Helped Me To Love FaceTime
I could think of no better title for this post than, "How Microsoft Helped Me To Love FaceTime." I use some Apple products on a regular basis, I'm not part of their cult and until recently didn't use Apple's FaceTime app at all. That has changed and it's all thanks to Microsoft. Allow me to explain.
I'd attended a Microsoft event where they spoke about the real world uses for their HoloLens product. My initial thought was, "Good for Microsoft, they've finally found a use for it." Of particular interest to me that day was an example for doing service in the field. They had a video of a junior technician visiting a site and troubleshooting some industrial equipment. The junior tech ran into an issue so he contacted a senior engineer who then donned a HoloLens headset so he could see what the junior tech was seeing from his service glasses (which were streaming a video feed). The senior engineer told the junior tech to check this pressure gauge, look for that indicator light and then things would be fixed. It actually made a lot of sense to me but didn't give it much thought after I left the event.
So its some time later, I'm thinking about an issue going on in one of my branch offices (specifically in another time zone) while looking at my iPad. For some reason that Microsoft event came to mind while I'm staring at the screen and the green FaceTime icon catches my attention. Why not FaceTime with the branch manager (after all, they all have iPhones), have her flip to the front facing camera so I can see what's going on? It took about 30 seconds to "see" what was happening, walk her through resetting the device and everything came back online.
So I'd like to thank Microsoft for helping me to love FaceTime as a low cost alternative remote support tool to their very expensive HoloLens product.👍
I'd attended a Microsoft event where they spoke about the real world uses for their HoloLens product. My initial thought was, "Good for Microsoft, they've finally found a use for it." Of particular interest to me that day was an example for doing service in the field. They had a video of a junior technician visiting a site and troubleshooting some industrial equipment. The junior tech ran into an issue so he contacted a senior engineer who then donned a HoloLens headset so he could see what the junior tech was seeing from his service glasses (which were streaming a video feed). The senior engineer told the junior tech to check this pressure gauge, look for that indicator light and then things would be fixed. It actually made a lot of sense to me but didn't give it much thought after I left the event.
So its some time later, I'm thinking about an issue going on in one of my branch offices (specifically in another time zone) while looking at my iPad. For some reason that Microsoft event came to mind while I'm staring at the screen and the green FaceTime icon catches my attention. Why not FaceTime with the branch manager (after all, they all have iPhones), have her flip to the front facing camera so I can see what's going on? It took about 30 seconds to "see" what was happening, walk her through resetting the device and everything came back online.
So I'd like to thank Microsoft for helping me to love FaceTime as a low cost alternative remote support tool to their very expensive HoloLens product.👍
Wednesday, December 06, 2017
What does an official notification look like?
As I've read about what went on during the 2016 Election and recently about data breaches, the term 'notice from officials' is thrown about. So a public official (a Senator or Member of Congress) is the target of a hacker, entities within the US Gov't know this and then notify that individual. But what does that notification look like? What is an official channel? And just as importantly, how does the US Gov't notify a business or private entity (let's say a campaign)?
Day after day we see dozens of "official notices" that turn out to be spam or worse, phishing attacks. So how do you tell the difference between what is real and what is a "fake" notice and a spear phishing attack? How does the US Gov't notify an entity that they are the target of an attack, via an email? How about a phone call where the Caller ID shows as unidentified. Does it take a person with an FBI badge showing up to your office and telling you that your company has been targeted for an attack? The next question to ask is, once notified, does that information become public? If you've been hacked and there's been a data breach the first thought of the company might be they have to keep it quiet. But if it was the FBI, DHS or some other three-letter-agency that informed you of the breach, does news about the breach get out to the public?
I'll ask the question again, what does an official notification look like?
- Rob
Thursday, July 27, 2017
Oh that pesky DNS!
I chose "Oh that pesky DNS!" as the title for this post because if you don't get both your internal (private within the corporate network) and external (public facing) DNS right you run into trouble. These days every organization operates in a hybrid mode, the days of only having a network perimeter have gone the way of the moat. So when testing do it both from inside of your corporate network and also from the public side. Wait, the app works when you log in from home but not when you try and log on in the office? First place to look is DNS. Does your internal DNS look like the external DNS that you have setup with your SoA (which stands for Start of Authority; this is an important term and defining what it is should be a part of the hiring process for any IT related jobs). CNAME (canonical name), SRV (service) and MX (mail exchanger), these are all terms that are part of DNS. And don't forget that syntax for all DNS entries has to be perfect, no exceptions. What, I forgot a period at the end of the entry and that is why things aren't working!?!?
Subscribe to:
Posts (Atom)