2011 has been an amazing year and I’ve been lucky enough to have met some truly amazing people. Starting in January I travelled to New Zealand having won a prize at TechEd 2010 in Berlin courtesy of Joob Software (gosh it seems so long ago). From there on my job took me to some amazing places including Dubai, Lithuania, Serbia, the wonderful Bulgaria and the delightful Macedonia where I got to work with two of my best friends Vladimir Meloski and Paula Januszkiewicz. From there it was onwards and upwards travelling to the states for the MVP Summit in Redmond and to Atlanta for TechEd 2011. Finally I have to mention my friends in Germany and the Nordics, Norway, Sweden, Denmark and Iceland. These are some of my most favourite countries and I’ve had some great times there this year. A big thank you to all my customers and delegates alike, you’ve been amazing.

With the world undergoing a horrible recession I am well aware that many of my friends have suffered and thankfully we have been blessed with survival. But I take nothing for granted as we go into a new year. I started Quality Training 13 years ago and thankfully we have ridden the storm and for that I am truly thankful. A number of Scottish customers commented to that they have not seen much of our Dive Deeper series of events in 2011, well don’t worry I have a few things planned up my sleeve, so watch this space for more details. With 2012 ahead my passport is dusted off for a busy start. First up I’m back to Germany then onward to Seattle and hopefully to speak at TechEd 2012 in Florida and Amsterdam.

A lot of folks have asked me if I have any New Year resolutions.  Well yes, as a matter of fact I do. Firstly I’ve been on a diet for a couple of months. What can I say I just love the candy! Anyway it seems to be paying off. Secondly I’m going to finally finish my book and get it published. The book thing is something I’ve wanted to do for years, so fingers crossed 2012 will be the year. I’ve already written over 100,000 words, 38 chapters and a lot of late nights. I just hope someone wants to read it when complete. So what’s it about, I hear you say? Well just for you, here’s the scoop!

Seven Day’s

By Andy Malone

From a small 17^th Century Scottish Village to the very seat of world power, come’s the story of an ordinary man who makes a discovery so shocking, that it will change the very foundation of life on Earth. As he attempts to uncover the truth, he is inadvertently thrown 300 years into an almost unrecognisable world. Now lost and alone he must he must make new alliances if he is to battle an unfolding nightmare. But as the clock ticks, a conspiracy is unfolding and a deadly assassin who is determined to stop at nothing to protect a secret so shocking that it lies at the very heart of creation itself.

So there you go! Anyway as the year comes to a close I wanted to wish all my family, friends. MCT’s. MVPs, Customers and delegates alike a very Happy New Year. Thank you for your continued friendship and amazing support. I hope that 2012 will be an amazing Year for you. As we say in Scotland, The Lord bless thee and keep thee, the Lord maketh his face to shine upon thee and give you peace this New Year.

All the very best and warmest regards

Andy Malone

In this Short presentation, Microsoft MVP Andy Malone talks aboiut Office 365. Join me as we discuss the features from administration and deployment to integration, co-existence, migration and troubleshooting. We also look at the products themselves include SharePoint, Exchange & Lync. Enjoy.

Well this week I’m speaking at Multiple Microsoft events. The first is Microsoft Sinergija 2011 in Belgrade and the second is Microsoft Vizija 9 in Skopje in Macedonia.  It’s so amazing to see such passion in numbers. I’m looking forward to it.

As a security guy I’m often asked to look over new products and give my feedback.  This week I was contacted by some of those nice folks over at GFI, you know the ones who produce GFI Essentials to name but one.  Anyway they asked me if they could guest post…hey being a generous guy I said no problem. So here you are J

3 Reasons to Use a Network Scanner

A network scanner will help you keep control of many areas and systems of your company’s network. The main benefits of a network scanner are the ability to audit the hardware connected to the network, the ability to detect the software that is running on the network and provide assurance that you are in compliance with regulatory security requirements.

Hardware Auditing

Modern networks are more or less “plug and play”. An administrator can bring in a new PC, plug it into a free socket and voilà, an IP address is assigned and is the machine is ready to be used without any additional configuration. The ease of adding new network devices is a double-edged sword. It allows for networks that scale easily and rapidly, but this also means that the administrator can quickly lose control of his network assets. A network scanner will greatly aid the administrator in this situation. Network scanners are designed to scan your network and probe every device that is connected to it. This allows the administrator to keep an up-to-date inventory of all his hardware assets and it will also help him monitor and detect devices that should not be there in the first place.

Software Auditing

Every network device can run a piece of software. Hackers very frequently exploit bugs in this software to gain unauthorized access to your systems. To stop this threat, administrators perform a process called patch management, allowing them to look out for vulnerability notifications and download and install patches where necessary. On large networks it is not feasible for a system administrator to monitor every piece of software on every machine. For this task he will need a network scanner. Network scanners probe every single network device that they find, and determine whether a device is running insecure or outdated software. Good network scanners can detect unauthorized software running on client and server PCs. This greatly reduces the risk of cyber-attacks and virus outbreaks.

Regulatory Compliance

Companies that process or store customer credit card data must adhere to strict laws and regulations to ensure that this data is safe. One such regulation is the PCI Data Security Standard (PCI DSS), which is mandatory regardless of how small or big a company is. If a company is processing credit cards, it must comply with PCI DSS. There are stiff penalties for those found not in compliance.

Fighting Fire with Fire

Network scanners are a hacker’s favorite tool and many network scanners are available to them. These tools probe your network allowing a hacker to map-to-map parts of your network infrastructure and look for vulnerabilities. To counter this threat, always use a professional, enterprise quality and up-to-date network scanner and detect vulnerabilities before a hacker does.

This guest post was provided by Jeremy Pullicino on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on the importance of using a network scanner.

All product and company names herein may be trademarks of their respective owners.

With Cybercrime on the increase and social networking sites like Facebook about to reach 600 Million users protecting and informing your loved ones, business and government infrastructure have never been so important. Today I’m in Jersey (the original) and I’m speaking at a digital parenting event. I’m delighted to be part of events like this as I get the opportunity to not only explain some of the dangers but also show them.

Tonight my session is Cybercrime: Inside the mind of a hacker. This 90 or so minute session looks at everything current including social networking, identity theft and of course just who are the bad guys and how to they operate. So if you’re around the event starts at 6.30pm with a BBQ followed by my session at 7.30pm. BTW a few tools to get you started. Protect your PC With Microsoft Security Essentials. It’s as good as any paid anti-virus solution http://www.microsoft.com/en-gb/security_essentials/default.aspx. BEWARE OF A FAKE PRODUCT CALLED SECURITY ESSENTIALS 2011. Only use genuine Microsoft software. Another great “digital parent” is K9. It allows you to easily configure rules for how your kids use the internet and chat services. http://www1.k9webprotection.com/

And finally a great solution that captures the nasty stuff while it’s still out there. Open DNS is a free or at most almost free service which aims to capture all the nasty stuff before it comes knocking at your door. http://www.opendns.com/

There you have it. See you there… http://www.gov.je/News/2011/Pages/DigitalParentingDay.aspx

Well having been shrouded in much secrecy Windows 8 finally came to the table yesterday. BTW I do mean shrouded in secrecy. Even as a Microsoft MVP, we have been kept away from getting a glimpse. Strange as I would have thought that getting your core evangelists on board to tell the world but alias no, like everyone else we have to attend Microsoft Build, which is the new trendy name for its latest developer conference.

On top of the agenda of course was Windows 8, which I am glad to say I’ve been looking forward to for some time. Initially downloadable as a “Developer Release” this version does NOT have all the bits yet and as such it might (does) seem a bit clunky, especially if you don’t have a touch enabled PC. Which let’s face is the vast majority of the population does not (except the IPhone or Ipad of course). First impressions! It’s very Windows phone(ish), so if you’re not a fan then watch out.

However that said my initial reaction is generally good. The installation process on a 64bit Dell Studio XPS was smooth. In terms of hardware requirements MS are not saying very much other than it will run on anything fairly modern. However to get the full functionality you will need a Touch enabled device with technologies like USB3 and a face recognition capable camera etc. In terms of the desktop experience…I like the tiles, although once in an application, if you don’t have touch it’s pretty difficult to get out of. I’m sure they will fix this though.

Once you have access to the desktop things start to look familiar, the start menu (now a square) the taskbar (yawn, come on guy’s it’s almost 7 years old). However I do like the new task manager, which makes me want to look under the surface. Watching the keynote’s various demos’ some pretty impressive trickery was shown, including the new fast boot feature. This I’m sure makes great use of our old friend the Hiberfill.sys file.  One feature I really love is the ability to log in with your Live account and sync your photos and data direct to the cloud. Also in terms of security it looks like face recognition is finally going to see the end of the dreaded username and password.

Now over the coming months we will of course see the Beta release which will no doubt complete the OS with missing features and functionality but, as long as you see this for what it is “A Developer Preview” then I think you will be suitably impressed. Now if you missed the keynote for build you can watch it here http://www.buildwindows.com/

This week I’ve been in London teaching one of my favourite classes Implementing Microsoft Active Directory Federation Services 2.0. Now if you like me have a vested interest in cloud computing this is a skill that you must get on board with ASAP.  ADFS can be deployed in a number of Scenarios to allow businesses to:

1. 1. Connect to and Interact with a cloud provider, Office 365, Google etc.
2. 2. Deployed to allow staff to connect from the internet to use internal web applications such as SharePoint.
3. 3. In a business to business scenario which provide the capability for business partners to federate data between them.

Personally I think if you are interested in attending the new Office 365 Ignite training then this is one class that is an obvious compliment. The course is MS 50412 and is a 4 day class.  Now in terms of set up there are a few pre-requisites such as either installing a Certificate Authority )CA) or obtaining a public certificate from the likes of VeriSign or GoDaddy.com. Next download ADFS V2 form the Microsoft website http://www.microsoft.com/download/en/details.aspx?id=10909 For a great deployment  guide click here http://technet.microsoft.com/en-us/library/adfs2-deployment-guide(WS.10).aspx Now as well as the deployment guide check out the design guide http://technet.microsoft.com/en-us/library/adfs2-design-guide(WS.10).aspx John Crtaddock is on of my fellow speakers who presents at TechEd and he is probably of the world most foremost experts on Active Directory and ADFS check out his session videos on TechNet and the TechEd Online website http://64.4.11.252/en-us/edge/active-directory-federation-services-with-john-craddock.aspx Now a number of bloggers have created step by step guides on hopw to connect AD to Office 365 using ADFS V2.0 so rather thaan replicate them here, this is a good one http://blogs.technet.com/b/danielkenyon-smith/archive/2011/05/10/configuring-adfs-v2-0-for-office-365.aspx Daniel give a great walkthrough. Also I was looking for a good reference point of the claim rule language for ADFS and found this on TechNet, it’s a great primer http://technet.microsoft.com/en-us/library/dd807118(WS.10).aspx Finally in terms of Troubleshooting take a look at this http://www.myitforum.com/absolutenm/templates/Articles.aspx?articleid=21856&zoneid=101 and this http://www.facebook.com/note.php?note_id=488993938234&comments&ref=mf and this http://technet.microsoft.com/en-us/library/adfs2-troubleshooting-guide(WS.10).aspx

This week I’m off to Oslo for a week of Office 365. In reference to my last post on hot security trends for 2011 I began to think what would be the trends for the folks who want to keep their skills up to date. Last week I went on an exam blitz and completed both Lync Server 2010 exams to become an MCITP Lync server Administrator. In this period of what I call the calm before the storm. That’s the period before Microsoft normally release a ton of new products it’s a great time to ensure your skills are up to date. With the economy looking as grim as ever I think it’s important to ensure that you are marketable. Don’t make excuses and wait for somebody else to control your destiny , you have to take the reins.

In 2010 we will no doubt have the latest version of Windows, Office, Exchange and SharePoint (I like to call these the 15 wave). How do you know that I hear you ask? Experience my friend, every time MS have released a new version of Windows the others have been very close behind. So if you are thinking about updating your skills and you are let’s say an MCSE then do it now, don’t wait. 2003, Windows XP they are so OLD. The skills and knowledge gap is slipping away from you my friend. You have hot shot kids snapping at your heels, don’t take knowledge for granted. Microsoft Certification has gone through a bit of a revival recently with partners having to renew out-dated certifications and contractors scrambling to learn the new stuff before new contract are announced.

But what are these golden nuggets of knowledge Andy, I hear you say what are these HOT product areas to focus in on?  Well it’s your lucky day, I’ve listed them below. For more information visit the Microsoft Learning portal www.microsoft.com/learning it’s packed with goodies to help you on your way. Also TechNet is a must at www.microsoft.com/technet Good luck J

1. 1. Microsoft Windows 7 Upgrade!
2. 2. Windows Server 2008 R2
3. 3. Microsoft Lync Server 2010
4. 4. Microsoft Forefront Identity Manager
5. 5. Active Directory Federation Services V2.0
6. 6. Microsoft Virtualization (Check Out System Centre Virtual Machine Manager Beta 2012)
7. 7. Microsoft SharePoint 2010
8. 8. Microsoft Exchange Server 2010
9. 9. Windows Azure
10. 10. Microsoft Private Clouds

Best of luck!

1. Society is becoming more tech savvy, as shown by the popularity of modern devices such as iPads, Kindles and netbooks. Unfortunately, the old adage that “a little knowledge is a dangerous thing,” is often proved to be true, and many of this new breed of technical enthusiasts won’t be aware of the damage they can cause to a corporate system if, for example, they plug an infected netbook into an office LAN.

1. The need to comply with various regulatory frameworks is becoming more relevant to an increasing range of organizations.  For example, the Payment Card Industry Data Security Standard (PCI DSS) rules mean that every company that processes details related to credit and debit card transactions must now adhere to a detailed set of standards.

1. Multicore processers and inexpensive RAM are leading more and more companies to make heavy use of virtualization technologies within server infrastructures. However, virtual servers are no less vulnerable to exploits from malware and other security threats.

1. Patch management is becoming increasingly difficult to handle without the help of a dedicated solution. The increasing technical awareness of users means that many will wish to use alternative web browsers and other software products. IT departments therefore need to keep on top of security updates for a huge range of programs. Thankfully, good patch management solutions are able to manage updates for a host of third-party products as well as the core operating systems used to run them.
2. Network security in general has become far more complex. For every machine on the LAN, the IT technician must consider protection from traditional viruses, malware and scareware, spam, and unpatched or unauthorized software. For more and more companies, failure to do this can result in legal implications for failing to adhere to official compliance regulations. Dealing with each risk in isolation is becoming simply too time-consuming for the average IT department, meaning a software solution that oversees every element is becoming a necessity rather than a luxury.

Office 365 is here! Over the past few months I have been teaching the Office 365 Ignite. The much anticipated on line office platform is a great step forward for partners and customers alike. The cool thing is that is scales from 1 to many, so even if you are a one man band then your business can enjoy the power of cloud computing. If you are an enterprise or larger business integrating the on-line platform with your current on-site solution is a breeze. With technologies like Dirsync and ADFS V2.0 you can have a hybrid or coexistence model for full flexibility.

This week I’ve just returned from delivering the Ignite class in Belgium. We had great feedback about the product and the course. Delegates are super excited about Office 365 and rather than fearing the product many are embracing it as a money making opportunity. If you are a small business then take a look at Small Business Server 2011. This great solution can also integrate with Office 365 to provide and really exciting and cost saving platform. For more details click here http://www.microsoft.com/sbs/en/us/overview.aspx To sign up for a free 30 day trial for Office 365 simply visit www.office365.com If you fancy attending one of the new Ignite classes then visit www.globalknowledge.co.uk for a schedule for the UK. www.globalknowledge.se for Sweden, www.globalknowledge.no for Norway, www.globalknowledge.be for Belgium and www.globalknowledge.dk for Denmark.

This week I’ve been in Jersey teaching a Cyber-Security MasterClass. Thanks to Ronnie for making me feel so welcome. Also a big thanks to everyone who attended my session at the Jersey BCS group. You guy’s rock. For the remainder of this week I’ve been looking over the latest version of GFI LanGuard. I must say that I’m very impressed. Languard boasts a number of pretty cool features including Application patch management. This is something that so many companies can use. I’ve been saying for a while but in terms of keeping systems patched this can be you first line of defence. Now while Microsoft do a pretty good job with Windows, application patch management can be a bit tricky. This is where GFI LanGuard provides a pretty hassle free solution.

Once of my favourite features of Windows Server 2008 R2 and Windows 7 is Applocker. It’s a great feature that provides both a whitelisting and blacklisting solution for applications that can be used on your network. Now while this is a great feature the interface can be a little tricky. Fortunately LanGuard builds on this to provide a really easy enterprise solution. With its Automatic remediation of unauthorized applications feature, as part of a routine scan, any unauthorized applications are identified and (optionally) uninstalled automatically by LanGuard, very cool!

Of course at the heart of LanGuard are a set of invaluable tools for security professionals including a number of great venerability scanning and auditing tools which can perform in excess of over 45000 checks on your system.

This week in my session I spoke about the importance of risk management. Tools like LanGuard will help is helping you identify and keep track of your assets as well as ensuring on-going compliance. So in conclusion I am delighted to have had the opportunity to Play around with GFI LanGuard. Sure there are many similar products in the market, but not one that brings all these elements together in such a professional way. For more details on LanGuard you can visit there site here http://www.gfi.com/network-security-vulnerability-scanner/ where you can also download a trial version. Enjoy!