In today’s episode, Andy has a special guest from our product development team at Hornetsecurity – Jean Paul (JP) Callus. The episode goes into an insightful discussion on how threats have morphed over the years. Andy and Jean Paul recount the days when backup primarily served as a safety net against accidental data loss and hardware failures. Fast forward to today, and backups have become a key weapon in the fight against ransomware and other sophisticated attacks. 

Tune in to discover the power of modern backups in the ever-evolving world of cybersecurity and how organizations can establish seamless data protection measures, ensuring minimal data loss and downtime in the face of cyber threats. 

Timestamps:

(2:16) – Ransomware continues to drive backup and recovery decisions.

(10:10) – How has the industry traditionally mitigated ransomware and how are things done now? 

(14:13) – Revisiting the 3-2-1 backup strategy and adding an extra “1” 

(16:10) – Cloud backups and WORM (Write Once Read Many) states. 

(19:10) – What other backup technologies play a role in security? 

(23:43) – Deduplication, Immutability, and Backup 

Episode resources:

Podcast EP01: We Used ChatGPT to Create Ransomware

Podcast EP05: What is Immutability and Why Do Ransomware Gangs Hate it?

Hornetsecurity Ransomware Attack Survey

VM Backup V9

The Backup Bible 

Find Andy on LinkedIn, Twitter or Mastadon

Find Jean Paul on LinkedIn

This SysAdmin Day, win with Hornetsecurity! 

If you are a System/IT Admin and use Hyper-V or VMware, celebrate with us by signing up & trialling VM Backup V9 for a chance to win a Pixel Tablet! Find out more information here. 

Join us for an insightful discussion on the topic of licensing Microsoft 365 security features. Microsoft Certified Trainer, Paul Schnackenburg, joins us once again to share his valuable insights on how M365 licensing practices have evolved and why they’ve become so complex. 

In this episode Andy and Paul look at all the different ways native security features in M365 are licensed, what challenges come along with that process, how the process is confusing and more! This includes some discussion around how M365 licensing in general is flawed as well as how third-party software vendors help plug-in and do what they can to simplify this mess. 

Timestamps:

2:22 – O365 licensing vs M365 licensing 

5:06 – Is the complexity in M365 licensing deliberate? 

7:09 – Licensing and security with M365 business 

13:30 – Licensing and security in the M365 Enterprise SKUs 

19:30 – What about the EMS Suite? 

21:42 – What are E5 Compliance and E5 Security? 

28:05 – How can a 3rd party vendor help make licensing security features easier? 

Episode Resources:

SysAdmin Dojo Podcast Episode on General M365 Licensing 

Andy and Paul’s M365 Compliance Webinar

Defender for Endpoint

Hornetsecurity Services

Find Andy on LinkedIn, Twitter or Mastadon

Find Paul on LinkedIn or Twitter

We’re back for another episode with Philip Galea, R&D Manager at Hornetsecurity. In today’s episode, Andy and Philip discuss the frustrations and challenges IT admins face when managing permissions and sharing effectively in SharePoint Online.

As more organizations embrace remote work, collaborate with external freelancers, and rely on tools like Microsoft Teams and emails for sharing files, the need to manage permissions has become crucial. Tune in to this episode to learn about the complexities of SharePoint and discover ways to regain control over your access management.

Timestamps:

4:44 – The problems with managing permissions in SharePoint Online

8:34 – The ease of file sharing in M365 has created a problem.

11:16 – Have SharePoint security capabilities just been “lifted and shifted” to the cloud?

14:43 – The egregious problem with duplicate named SharePoint custom roles.

23:32 – What should M365 admins be doing about this problem?

27:10 – Behind the scenes with M365 Permission Manager by Hornetsecurity

Episode Resources:

365 Permission Manager

Introducing 365 Permission Manager – Webinar

Find Andy on LinkedIn, Twitter or Mastadon

Find Philip on LinkedIn

As more organizations embrace remote work and collaboration with external freelancers, handling permissions becomes increasingly critical.

With the reliance on tools like Microsoft Teams and emails for file sharing, the complexities of SharePoint Online have become evident. Therefore, we at Hornetsecurity offer a proper solution to this permissions management nightmare: 365 Permission Manager.

365 Permission Manager is the ultimate savior, providing a seamless approach to permissions management in SharePoint Online. Most notable features:

Simplify Managing Permissions at Scale

Gain a comprehensive overview of your organization’s M365 permissions for SharePoint, OneDrive, and Microsoft Teams. Use advanced filtering to quickly identify accessible items for external users or guests and detect broken permissions. Transparently view users’ effective access rights by breaking down nested groups.

Take Back Control with Compliance Policies

Ensure SharePoint, Teams, and OneDrive data compliance with our GRC service. Implement out-of-the-box best practice policies or create custom ones. Immediate notifications alert site owners to violations, allowing timely intervention.

Receive Alerts for Critical Shares

Stay informed with daily summaries of permission changes across your M365 tenant. Identify newly shared items with “Everyone,” anonymous users, or external guests.

Take Quick Actions

Fix permissions on multiple sites, manage external sharing access levels, and remove indirect company-wide access. Easily remove orphaned user permissions with a single click.

Achieve Effective Compliance With Our GRC Service

Use the Audit function to approve or reject compliance violations by reverting sites to assigned policies or removing unauthorized access.

Receive Comprehensive Reporting

Generate reports for documentation and compliance, highlighting externally accessible files and access details for specific groups or users across sites, files, and folders.

Join host Andy and special guest Martin Tanner from ADM Computing as they discuss real-life security horror stories. This fun and engaging episode was recorded live at Infosecurity Europe in London. Expect to hear interesting stories which both Andy and Martin have experienced first-hand. 

With a mix of humor and valuable insights, this episode is a must-listen for anyone interested in the fascinating, and at times terrifying, world of real-life security horror stories. 

Timestamps: 

2:28 – The Dangers of Unmanaged IOT devices 

5:30 – Hacked Video Conferencing Unit and Premium Rate Numbers 

8:18 – Email Forwarding Rules and Data Leakage 

11:59 – The Need for Proper Backup and Archival + Scheduled Payment Woes 

15:40 – Rogue Admin and Embezzlement 

18:17 – A Flattened Network and Ransomware Infection 

22:16 – The Publicly Accessible Hypervisor 

Episode Resources:

Security Awareness Service

Email Encryption from Hornetsecurity

Email Encryption Fact Sheet

Find Andy on LinkedIn, Twitter or Mastadon

Find Martin on LinkedIn

Get ready for an eye-opening episode recorded live at Infosecurity Europe in London. In this episode, Andy and Matt Frye dissect the results of a comprehensive IT compliance survey conducted by Hornetsecurity. In the rapidly evolving digital landscape, maintaining IT compliance has become a pressing concern for businesses worldwide.  

Tune in to explore the key findings from this survey, featuring insights from over 200 IT professionals representing diverse roles, regions, industries, and experience levels. 

Timestamps:

02:32 – Compliance is a growing concern 

03:52 – Do businesses see compliance as important? 

06:24 – The burden of compliance on IT teams

12:08 – How are businesses verifying compliance? 

14:46 – Trust in the cloud continues to be a problem for some organizations 

17:00 – M365 administrators are struggling with compliance tools 

20:57 – The cost of non-compliance 

Episode Resources:

IT Cybersecurity Compliance Survey 

365 Permission Manager 

Find Andy on LinkedIn, Twitter or Mastadon

Find Matt on LinkedIn

Microsoft’s recent decision to throttle traffic from old and outdated versions of On-Premises Exchange has sent shockwaves through the tech community. In today’s episode, Andy and Paul Schnackenburg delve into the details of Microsoft’s plans to protect Exchange Online against persistently vulnerable on-premises Exchange Servers by throttling and blocking emails from these unsupported servers. 

Tune in to understand the reasoning behind Microsoft’s strategy with this change, how organizations can keep themselves protected through process, and where third-party vendors can plug in and provide value. 

Timestamps:

4:00 – Microsoft’s plan details and communication 

10:50 – Paul and Andy’s thoughts on why Microsoft is making this change 

18:40 – Is it “Ethical” for Microsoft to block on-prem Exchange traffic? 

26:31 – What should affected organizations do? 

Episode Resources:

Microsoft’s Announcement

SMB1 Changes at Microsoft

Hornetsecurity’s 365 Total Protection

Find Andy on LinkedIn, Twitter or Mastadon

Find Paul on LinkedIn or Twitter