-
A defib cabinet is not a defib. Think fire extinguisher and cabinet where fire extinguisher is kept. It’s not a camera in a defib. Sloppy writing.
1 user thanked author for this post.
-
Well there are ways. You can do MFA by having it call you rather than send a pin. Auto voice tells you the pin. Strong passwords only go so far. Obviously if financial institutions thought they were useful they wouldn’t be inconveniencing their customers. I also use a Yubi key. They are simple and I keep it on my keyring. You have to put your fingerprint on it.
-
Well, this is deceptive information. Why? Some background first.
<Rant on> I’ve supported a number of M365 users in smaller companies and one in a midsized company (over 500 users) over the last few years. Every single one I walked into to admin at first had not turned on MultiFactor Authentication. I would immediately talk to management explaining that without MFA they were sitting ducks. Every single one said, “it’s too much of a hassle for our users”, or “we’re using Office 2010.”. So I would write up a contract explaining that my first recommendation was to implement MFA and that without them agreeing to that, I was not going to be legally responsible for account takeovers by hackers. If they didn’t sign it, I turned down the job.
So what happened? All of them last year were hacked. Every single one had one account hacked, usually an email that took control of the users inbox and sent out thousands of messages to clients after sucking down all their address book entries.
What next? Every single one but one then implemented MFA. All the ones with MFA have not been hacked since. None. (The Exchange hack is a separate issue but none of my clients use in house Exchange anymore.)
Could I be discussing Google’s Gmail? Or LinkedIn? Of course. Or your bank? Every wonder why your banks insist on two factor authentication? It’s all we have to slow down the bad guys. As I understand it, they look for low hanging fruit and exploit it, all the folks who use a trivial password. So the hackers move along to another login rather than try and get through the 2 factor.
So I am not blaming MSFT for this stat. Users have been lazy about this since Email was first exploited in the early naughts. MSFT, Google, and many other companies have given us the tools to slow down the hackers. Do we implement them? Or do we back off because we don’t want “the hassle”. How many users run themselves as admin on their box? How many are using a password or other method to log into their machine? All my clients are users on their machines and I use a workstation admin account to protect them. I use it myself.
Are there other ways in? Undoubtably. But when I read the write ups of stuff like the recent hack of Solarwinds and read that their Admins pw implementation was a joke, I don’t blame the clients. I blame Solarwinds and their IT management.
So many upper management of these companies seem to have not noticed that IT is the core of their business. Without it, they die. It drives their processes, their products, their sales, everything. They need to take responsibility for pouring the proper amount of money into their IT departments and support the rigorous policies and procedures and not hire admins that appear to be no more smarter than the average consumer out there thinking that their password will protect them in this day and age.
Hackers are undoubtably taking advantage of other holes etc. It’s really a mess for all computer users to worry about. And getting worse. But I doubt that this random stat is much more than MFA not being turned on.
<Rant off>
-
having worked inside a factory for five years that built defibrillators I can guarantee you that is a writing error.
1 user thanked author for this post.
-
-
-
-
-
-
<span style=”-webkit-tap-highlight-color: rgba(0, 0, 0, 0);”>I’m on an iPad this morning but my iPad Excel shows a distinct border around my highlighted cell. I would go back to your settings. I think there’s something wrong with your settings in either Excel or Windows. Sorry I don’t have my laptop here to help more. But I can’t duplicate your issue.
</span>
-
This reply was modified 4 years, 2 months ago by
.
-
This reply was modified 4 years, 2 months ago by
1 user thanked author for this post.
-
This reply was modified 4 years, 2 months ago by
-
-
-
-
-
For what you are describing, meaning you want to clone a single image and roll it out, I recently tested Macrium’s software, Reflect 7 to deploy an image to all machines. Worked great, but we ended up starting with Sysprep.
Buy a disk duplicator. Image Sysprep. When done, duplicate the disks that came with each desktop.
Or check out Macrium, but it might be too expensive for your needs. However, if you build the cost across all machines evenly, you might be able to license it for that.
We have tried a number of small volume ways to image the disks where I’m working. It all came back to Sysprep as the best way to roll out an image in Windows 10, barring stepping up to something like Macrium.
Also remember, there are low cost tools to migrate user profiles Check them out and use them! (I migrated 12 users from 7 to 10 in a similar situation to you last fall and migrated their profiles with no problem). Currently I’m in the middle of migrating 120 W7 machines. That’s just enough to not really be the sweet spot of Sysprep, and not really cost effective for many of the tools that are targeted at ‘large’ corporations. So what’s our best way of doing this rollout?
We purchased a disk duplicator. (it also bulk erases old drives).
We sysprep a master. This master is kept on the shelf in the future for similar machines that may be ordered in a few months. We buy all machines from one vendor (i.e. HP, Dell, Lenovo, whatever).
Once Sysprepped, we duplicate the master as needed, swap out the drives and bulk erase the old/new one. Yes, there is work to be done to ‘finish’ the sysprep operation, but much less than doing it by checklist from the ground up (yes, we have a checklist to do just that).
Another way to do it, is to spend a lot of time on batch files. Yes, we have USB keys with full workflow batch files to setup specific machine types. But we are moving towards sysprep in the future.
For my other clients, all machines have an admin account of WSADMIN (workstation admin), just so they can’t have a virus or ransomware mess with installing a program (easily). A [pain] but it works effectively. I even give the user the password to it if they want to install a piece of software for a specific job related task. This is only an easy way to keep bad guys a bit more removed from direct access.
Laptops are a problem because many of them don’t have swappable hard drives anymore. So pick your laptops with an eye on maintanence. (i.e. Lenovo uses replaceable SSD sticks).Ultimately, doing what you want to do, at the scale you do it, is a [pain]. There are a few small utilities out there that setup machines the way you want, turning on and off features. I’ll see, when I get a chance, if I can give you a few good ones.
1 user thanked author for this post.
Author
