Microsoft TechCommunity Top Posts January 2022, Week 3

Another week, a bunch more TechCommuntiy posts. Here’s my picks of interesting ones:

Task management tips for Planner beginners

Getting started blog posts are always valuable. I particularly like the first image, showing an overall diagram of what makes up the Planner view. To me it’s (almost) all fundamental stuff I worked out, but it’d be quicker to read this then start using it than fumble my way through :) One thing I hadn’t done before was creating a Task from a Teams message which is a nice workflow option.

Microsoft Defender for Office 365 Ninja Training: January 2022 Update

There is so much good content in the Defender Ninja Training (Office 365, Sentinel etc, all of the different parts!) and once you’re caught up, you can keep up to date monthly with these posts that show what’s changed or new. Now all we need is more time to watch all the content!

Why you shouldn’t set these 25 Windows policies

There’s still someone that cares about Windows Updates, and even WSUS aligning with Group Policy settings in Microsoft, and it’s Aria Carley. Clean up some unused settings if you’re on Windows 10/11, and understand the real world impact of other settings acting maybe not the way you’d expect, with recommendations and links to official doco. I also don’t know what GP and CSP recommendations are as per the comments (GP = Group Policy officially, CSP = Customer Services Provider team inside Microsoft? I always get these wrong), but I’m sure that’ll be explained soon.

“Architecting Adelaide” 🎙 – The Intrazone podcast

The guys didn’t tell me about this one! My old user group in Adelaide that I had to hand over in 2021 is now being run by these awesome guys:

and they were on the Intrazone podcast talking about their IT Pro experiences. Well done you three :)

Getting started with Azure Bicep

As someone who doesn’t deep dive into Azure, I was wondering what Azure Bicep even is. Sonia Cuff explains this and demonstrates how it’s a simpler language evolved from JSON, and that the language can be translated back and forth betwen the two – but the result is templates that are easier to write, especially for those who aren’t developers.

Windows 10 or Windows 11 GPO ADMX – Which One To Use For Your Central Store?

If you’re starting with Windows 11 and have Group Policy still running, you need to read this. It’s not a great state to be while transitioning with all the catches and gotchas. Why they didn’t just have a separate set of policies for Windows 11 and have on the comments on each GPO what versions of Windows it applies to is unclear. There’s a few angry comments already on this. My personal take is that there’s no real benefit of jumping to Windows 11 yet for the enterprise (home it’s fine), so sit tight and wait for some of these things to settle, or at least be clearer as others work them out.

Security baseline for Microsoft Edge v97

There’s 1 new recommendation and 15 new settings (for computers and users) in the latest version of Microsoft Edge. These come out with each version of Edge, so you need to keep up to date and review any recommendations each time. Weirdly, the setting they recommend to turn off “Enhance images enabled” isn’t visible on Edge v97 installed on my home PC or work PC logged in with different profiles, but it should still be disabled in Group Policy so you’re not uploading internal company images to Microsoft to ‘enhance’ them. I question that if the recommendation for Enterprise is to turn it off, why is it safe enough for consumers to use, who I’m sure would have photos at times opened in their browser they don’t want invisbily uploaded? Maybe there’s something else to the recommendation I’m missing, like keeping your data in the country you want where the service could put it anywhere…

Securing Critical Infrastructure with Microsoft Sentinel & Microsoft Defender for IoT

The real answer to this is ‘IoT shouldn’t be on the same network as anything you care about, especially in Enterprise – or just don’t use IoT in Enterprise at all’ is a pipe dream, at least you can monitor what your IoT devices are doing in Sentinel. Looks pretty easy to connect up, but of course just having Sentinel ingest logs isn’t really a 24/7 SOC solution, you need people on top of this.

That’s it for this week, as always you can see the entire feed of TechCommunity posts at https://twitter.com/MSITTechNews and you can see my previous TechCommunnity picks here https://www.adamfowlerit.com/tag/techcommunity/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.