New Year = Second Year Microsoft MVP!

I’m excited to share that I’ve been awarded the Microsoft MVP award for the second year. 2011 is certainly starting out with a bang and I’m honored to spend another year as part of this great group of technical folks who are involved in supporting the community.
I’m looking forward to another great few days at the MVP Summit in February, catching up with the likes of Emily Freet, Stephen Rose and Jake Gray from Microsoft and some of my fellow MVPs!

Redux of some “Favorite” Tweets

I’m a big fan of Twitter for keeping up with interesting tech news and information.  Since signing up in 2007, I’ve used Twitter to connect to a variety of people interested in a wide array of topics. As 2010 draws to a close, check out some of these tech tweets from the past year that caught my eye on my Twitter feed, either from those I follow directly or some of their retweets. The links might be worth another look!
If you are looking to follow me on Twitter, my handle is jkc137. Happy Tweeting!

New SharePoint 2010 Books to Consider

Do you have SharePoint 2011 on your project horizon?  If so, don’t forget to check out the following books when gathering your resources.
First, check out this recent post about a collaboration of knowledge from Microsoft MVPs on the MVP Award Blog – Over 20 SharePoint MVPs Contribute to SharePoint 2010 Book. You can find “Real World SharePoint 2010” at Amazon and other retailers.
If SharePoint Foundations is more your focus, look for CA Callahan’s upcoming book Mastering Microsoft SharePoint Foundation 2010” due out in mid-February. Callahan is also a Microsoft MVP and I’ve had the honor of getting a sneak peak at some of the content and am looking forward to adding this volume to my SharePoint references once it’s available.  Also,if you are looking for some of Callahan’s up to the moment tips and tricks, check out her blog.
(Curious about what makes a Microsoft MVP? Check out this post by Eric Ligman that sums up how to become, find or nominate an MVP.)


She’s Geeky unConference – Early Bird Registration Ends 12/22

Are you a woman in an STEM (science, technology, engineering or math) field and looking to connect with other like-minded women?  If so, you probably don’t want to miss the She’s Geeky unConference, especially if there is one planned for a location near you.
Starting off 2011 in San Francisco on January 28-30th, She’s Geeky will be held in the Mission, right near downtown. Score!  I enjoyed the conference in Mountain View last year, but this makes it even better.
The early bird registration sale ends on Wednesday, so even if you register for all 3 days it’s a great price.

Google Calendar and the “Unsupported” Browser

A couple weeks ago, I started experiencing a curious problem with Google Calendar on my netbook.  I’m running IE 8 (8.0.7601.16562 to be exact) and every time I loaded up my calendar I got a message alerting me about using and unsupported browser.
“Sorry, you are trying to use Google Calendar with a browser that isn’t currently supported…”
Since I’m also using IE8 at work (version 8.0.7600.16385) without any calendar issues, I did what many sysadmins do when stuff doesn’t work on their own computers – I ignored it for a while, hoping it would just resolve itself.
However, today I did a little looking around and found the issue, which ironically is caused by the Google ChromeFrame Add-In.  I turned that off and the calendar now loads without any error messages.  The version of the add-in I had installed was ChromeFrame 8.0.552.224.

Upcoming Tech Events in 2011

Looking to fill your calendar with some free or low cost tech events in early 2011?  Consider some of these:
  • TechNet Events Presents: Virtualization 101 – Microsoft Evangelists will talk about the creation of the hypervisor and demonstrate usage scenaros ranging from the home user up to multinational corporations. Discussions will also include how virtualization has given rise to “the Cloud”.  The event is free and will be in San Francisco on 2/2/11, but check the list for dates in Los Angeles, Irvine, Denver, Portland and others locations on the west coast.
  • Data Connectors Tech-Security Conferences – Just like the one-day event I attended a few weeks ago, Data Connectors will be all over the west coast in early 2011.   In particular, find it in San Jose, CA on 2/10/11.
  • She’s Geeky unConference – For all those women who embrace their geekiness, save the date for “She’s Geeky Bay Area #4” running January 28-30th. 
  • Register by 1/21 and snag a free Expo Only pass to the SPTechCon (The SharePoint Technology Conference) in San Francisco February 7-9th.  The full event doesn’t fall into the “low cost” category, but if SharePoint is your thing, you might want consider more than just the expo.
  • RSA 2011 – Another one of my favorites, the “Expo Plus” pass at RSA gets you into the expo hall, the keynotes and one conference session of your choice. RSA will be at the Moscone Center in San Francisco, February 14-18th. 
Plan your time well and you won’t have to be in the office for much of the first quarter! 

Inside MDOP: AGPM 4.0

In case you missed the PacITPros meeting on December 7th, you missed out on some interesting vendor and technical presentations.  In addition to a presentation from BlueCat Networks and Hurricane Electric, I did a short demo of one of the MDOP tools – the Advanced Group Policy Manager 4.0.

This tool hooks right into the existing Group Policy Manager snap-in you know and love in your MMC and with the use of a designated archive server, extends the functionality to include better search features and change management.  No matter the size of your organization or the number of IT staff you share group policy tasks with, you can benefit from this tool.  Even if you are the only person who does anything with group policies, this tool will make your life easier.

First, the change control features take away much of the pain of keeping track of what was changed when and potentially by who.  Policies that are controlled by the system must be checked in and out for adjustments, which automatically creates a history record capturing the state of a policy at any given time.  These records can easily be reviewed for corporate compliance and policies can even be rolled back to previous states.

With new roles created within the tool, non-admininstrators (even regular domain users) can be granted the ability to review or edit policies… leaving the actual deployment and linking of the GPOs to system administrators.

The abililty to search and filter your view of policies is much improved.  You can search by name, state (checked in, checked out), even by variables such being updated “last month” or “last week”. 

Finally, you can easily import and export policies, even across forests.  No more manual recreation of the perfect policy just because you want to use it in your test lab environment or in another forest.

Finally, keep in mind that APGM 4.0 adds support for Windows Server 2008 R2 and Windows 7, as well as runs on Windows Server 2008 and Vista.  If you are supporting an environment with older versions of Windows Server, consider version 2.5 or 3.0 of the tool.  Not of all of the features are included, but if you are looking specifically for the change management aspects, those older versions may work for you until you upgrade your servers.

Out of the six tools in the Microsoft Desktop Optimization Pack, APGM isn’t one I’d overlook. 

Take Aways from the Data Connectors Tech-Security Conference

Last week, I attended a free one-day conference hosted by Data Connectors.  Sometimes free conferences aren’t worth the time it takes to get there, but I was really happy with this one.  While all the presentations were vendor sponsored, the majority were product neutral and really shared some decent content.  In addition to the vendor presentations, there was a decent sized expo area with other security vendors to peruse.

Here are some of the stats and tidbits I left with. As some of the themes overlapped throughout the presentations, so I’m not going to attribute each bullet point to a specific presenter.  However the presentations were sponsored by the following companies: WatchGuard, Axway, Sourcefire, Top Layer Security, JCS & Associates, Kaspersky Lab, Cyber-Ark, FaceTime and Arora / McAfee.  You can learn more about the presentations specifics and download some of the slide decks here on the event agenda page.

End Users

  • End users in the workplace expect to have access to the web and popular web applications, however 25% of companies need to update their policies related to web use. Instead of addressing the policy issues, companies simply block access to web applications entirely.
  • End users need more education about threats like email scams, pop-ups offering anti-virus solutions, links sent via social media sites, tiny URLs, etc. End users are your biggest threat – often due to error or accidents.
  • The average employee spends 3 hours a day doing non-work items on their computer.

General Company Security and Policies

  • Consider reviewing and improving on your file transfer management practices. How do people share data within your organization and externally? Is it secure and managed?
  • Most companies feel secure, but aren’t really. Check out http://www.idtheftcenter.org/ for a list of companies that have experienced data breaches. Many companies simply rely on their vendors to declare that they are secure and protected.
  • Consider using different vendors to protect your data at different levels. Different vendors use different mechanisms to detect and deter threats.
  • As an administrator, you have to review logs on computers, firewalls, servers, etc. This way you are familiar with what is “normal” and can easily recognize potential breaches.
  • Consider data encryption as means to enable your company to meet regulation compliance. Encryption technology has evolved and it doesn’t have to be as painful as it has been in the past.
  • You should patch all your computer regularly – don’t forget that your printers, routers and switchers are computers too.

Browsers and the Internet

  • The top Internet search terms that are likely to lead you to site with malware on it are “screensavers” (51.9% chance of an exploit), “lyrics” (26.3%) and “free” (21.3%).
  • In 2009, the Firefox browser had the greatest number of patches and overall, vulnerabilities in applications exceeded operating system vulnerabilities.
  • The web browser is the #1 used application, but the patch cycle for browser add-ins is slower than for other applications and operating systems.
  • Drive-by downloads are still the #1 way to exploit computers.

Sometimes I leave conferences scared by the massive list of items that I feel I need to address, however, I left this conference with not only some tasks in mind, but some great leads on how to go about completing those projects.  Check out the Data Connectors events list to see if there is a similar conference coming up in your area in 2011.  They have well over two dozen other planned dates across the US, including Los Angeles in January and San Jose in February.

All I Want For Christmas is my Credit Card

December started out with a call from my credit card company, reporting a suspected some fraudulent use of my Visa card.  After reviewing some recent charges, there was one that I did not recognize and my card was cancelled.  I have to hand it to CapitalOne – they really are on the ball when it comes to figuring out what charges are legit and which ones are not.  It’s a little bit creepy to be honest. Ah, the age of data mining.
As I was jotting down the list businesses I’ll have to contact to updated my information once my new card arrives, I starting thinking about credit card numbers.  With all the talk about the end of the IPv4 address space, I can’t help but wonder about how many possible credit card numbers are left to distribute, especially with the use of temporary cards, like Visa or AMEX gift cards and the like.
I did a quick little search and found some slightly dated information estimating that even if credit cards only had 10 digits instead of the average 16, there would still be enough numbers to give everyone currently alive on the planet a number, with extras for people being born over the next 25-30 years.  Still that doesn’t seem like all that many to me – I know that my Visa card has been reissued at least 3 times now since I’ve had it, so I might have already used my fair share.
Without spending a lot of time pondering this issue, I guess between the various credit card issuing companies and bank numbers used to create card numbers, it’s possible to have some overlap in the customer identifying portion of the card number without causing a problem. Plus, credit card technology is always evolving.  There is always news about the use of chip cards and there are companies like this one, developing totally new ways of keeping cards secure and easy to use.  A flexible, electronic card with a rewritable magnetic strip? Cool.
Meanwhile, I guess I’ll enjoy this unexpected hiatus in my holiday shopping.The economic recovery will have to manage without me for a few more days.