NICconf is a two-day event in the heart of Oslo with around 3000 particioants, focusing on Microsoft technologies such as Azure, Hybrid Cloud, Identity and Security. There will also be a pre-day organized where attendees can participate in different masterclasses (full day workshops). There will be a masterclass by Paula Januszkiewics or Mikael Nyström and Viktor Hedberg,
Password spray attacks on accounts have increased rapidly in recent months. As a result, the security risks for accounts that do not use MFA for authentication have increased significantly. Microsoft works in the past on different ways to enable MFA for all users they work with Azure and Microsoft 365. One first try was the activation of security defaults, but this can be deactivated by user.
Based on this development and for other reason Microsoft announced the enforcement for Mutlifactor authentication for all sign-in/access to the Azure Portal. This announcement was a little suprise and bringe some challenges to organization espesically when we take a look at service principals and break glass accounts. Don´t get me wrong, it is mandatory to enable MFA for all users they access your tenant and have a valid and regulary reviewed Conditional Access policy in place. But for some special accounts this was not the focus or recommended. In this article I will explain how Microsoft rollouts this enforcement which steps you have to proof and how you can ensure that you are not affected or prepared for the upcoming changes.
I am pleased to announce that I have once again been recognized as a Microsoft MVP for Azure and Security in 2024-2025. This year there were some internal changes and the announcement was therefore postponed to July 10. So late Wednesday the mail came and I saw, just before my birthday, that I was again awarded in the following categories:
MVP for Microsoft Azure Compute Infrastructure
MVP for Cloud Security
What a great surprise
It is still an honor to be part of this family. There are many people who have supported me along the way, without whom this award would not have been possible. A big thank you goes to my wife Jessica, without her support this would not have been possible. There are many people who have become true friends during this time and to whom I am very grateful for their support, like Eric Berg, Thomas Naunheim, Marcel Meurer and Tom Janetscheck and many others. Also a big thank you to my Azure Bonn Orga Team, René de la Motte and Thomas Naunheim without whom the many Meetups and the Cloud Identity Summit would only be half as nice.
But this award is not possible without the community and the recognition from Microsoft, so a big thank you for that.
If you’re interested in what conferences you can find me at in 2024, feel free to check out my upcoming community events page.
In 2023 I was at some conferences where I held a session about Azure Cost Management and I´ve discussed this topic also a couple of times with my best buddy Eric Berg.
He invited me to his podcast Geeksprech where we talked and discuss what FinOps is and why in some cases it`s the same as cloud governance and cost management without the melodious and modern name 🙂
With the announcement of the next Windows Server release, called Windows Server 2025, Microsoft decided to organize the next Windows Server Engineering Summit. The Windows Server Summit 2024 will take place March 26-28, 2024, 8 AM – 4 PM Pacific Time with many sessions around Windows Server solutions.
I´m happy to be invited to hold two sessions, which I think are really important and value from Management and Migration purposes.
In the first part of this article (Three-big-reasons-to-migrate-to-update-manager-and-forget-the-classic-update-management-center) I dived into the improvements and reasons why Micrsoft introduce Azure Update Manager as a successor of the classic Update Management Center solution based on Azure Automation. In this part, I will explain how it works and what major improvements and new functions the Azure Update Manager offers
Please note: Azure Update Center is based on Azure Automation and needs the Microsoft Monitoring Agent. The MMA has been discontinued and will no longer be supported after August 2024. Support for Update Center has therefore also been discontinued.
2nd note: Microsoft will charged at a daily prorated value of 0.16/server/day which equates to approximately $5 USD/server/month beginning 1 February 2024 for customers using Azure Update Manager on Arc-enabled servers.
Microsoft model for a scalable Cloud Adtoption is based on the Enterprise Scale Architecture and I think this is a scalable and useful modell for every customer that uses Azure ressources. It´s based on the definition to granulary devide the workloads in different subscriptions and gives via Management Groups the possibility to group this differnent subscription into workload groups like Development, Core, etc. I know many customers struggle with this model and mistakenly think that Enterprise Scale is a reference to Enterprise customers, but this is not the case.
Based on the Enterprise Scale Architecture some services and security features can only be activated on subscription level to guarante that each resource inside the subscription is secured. This basis makes it even more important for customers to consider the Enterprise Scale Architecture or to orient themselves towards it.
The Microsoft Defender for Cloud and especially the Defender for Server P1 and P2 plans can only be activated on subscription level in the past. Microsoft has decided to change this and now allow plans to be activated at resource level (per server). It is important to understand that the principled approach activating on Subscription Level and the Enterprise Scale architecture are still valid and needed and this possibility is only a concession to cover certain requirements:
manage security configurations at a lower hierarchy level
flexibility for excluding specific resources (VMs) inside the subscription
enable different plans on subscription because for implementation of Enterprise Scale approach
Our 4th edition of the Cloud Identity Summit 2023 is over and it was a blast to meet all this great speaker and the Identity Community this year virtual and in-person in Koblenz.
This year we were kindly provided with the location by the Debeka Innovation Center (DICE) which is located near the University of Koblenz and close to the Moselle. The location is a designed as a open space to enable new thinking and new technologies which is a perfect match for our Cloud Identity Summit.
The 4th edition offered 10 sessions in two parall tracks, divided into Identity Security and Identity Management and it was really a pleasure to see this big identity experience in the different Identity topics on this day live at our conference. The speakers who made the extra journey to the event can certainly be called who as who of the identity scene. Therefore, at this point I would like to thank you explicitly, because without you this event would not have been possible:
Sefallah Tagrerout and Jean-Francois (Jeff) Aprea – Securing your Azure Ad with our Zero Trust Approach!
Jan Vidar Elven – Monitoring and Reporting on Activities and Security in Microsoft Entra Azure AD
Fabian Bader – From (tier) zero to cloud hero: How to pwn Azure AD from on-prem
Kenneth van Sarksum – Implementing and building advanced Microsoft Entra Id Conditional Access scenarios
Christopher Brumm – Walk the walk – explore ways to ensure strong authentication in real life scenarios
Sfefan van der Wiele – Walk the walk – explore ways to ensure strong authentication in real life scenarios
Daniel Krzyczkowski – The future of customer identity with Microsoft Entra
Nicki Borell – Azure AD Identity Governance – What do your users do with their access
Sander Berkouwer and Raymond Comvalius – Just apply the basics in your Azure AD tenant!
Anton Staykov – Seamless cross-tenant application access with Entra Azure AD Cross-Tenant sync
Koblenz is the hometown of Thomas Naunheim therefore we had also recommendations for sightseeing tips, city walks and Restaurants and start to meet the speaker on Wednesday in a Restaurant close to the Rhine and the Deutsche Eck (German Corner). After our great dinner, we made a short city walk to the Deutsche Eck and after this to a final beer for a good preperation for our conference on Thursday.
We started our hybrid conference a little late with a strong focus on the in-person experience and also broadcast the Sessions live to the world via teams.
In my estimation it was a complete success due to four factors:
Which is thanks to the great speakers who share their knowledge with great pleasure
The on-site participants who brought a lot of fun and made the sessions interactive, through their numerous questions
The great help of our team which made sure that the speakers and participants felt comfortable
Our great sponsors (adesso SE and glückkanja-gab AG) without whom this event would not have been possible for many reasons
We hope that the conference meet the expectations from our attendees and will plan for 2024 and we really want your Feedback for good and not so good thinks. The really goal of this conference it´s a conference from the community for the community. So gave us your feedback for a better Cloud Identity Summit in 2024!
Microsoft announced with Defender for Cloud Security Posture Management a new plan in the Defender for Cloud product family which focuses on a central view on the security posture of the customer.
In this article I will give a overview about which topics Defender for CSPM covers, how it will be enabled and how the pricing is actual working which holds some suprises if Defender for Servers is already in use.
I´m really happy to announce that I will speak at the Experts Live Netherlands 2023 Spring edition. The last one was the 10th annivesary edition in Fall last year. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and because of the big Experts Live Europe will take place this year in autumn, the Orga Team decided to organize the 11 edition in spring.
This year, my session will be about theMastering Defender for Servers. In this session I will focus on Defender for Servers to protect servers across hybrid and multicloud environments. So I dived into the different plans, feature sets, deployment methods and more. Futhermore I show as a side note the new Defender for CSPM Plan and explore how agentless scan methods works. Deploy defender for servers at scale will complete the view and enable the attendees to mastering defender for servers.
Motivation
I like the idea behind the Experts Live community and really looking forward to see many community members there, greats friends again and certainly make new contacts. This year the edition is with 1,200 registrations sold out. The Keynote will be held by Dona Sarkar. So it is worth to be there
About Experts Live Netherlands
Experts Live is an international Microsoft community platform focusing on knowledge sharing through live events.
Every year Experts Live Netherlands organizes a large-scale one-day event where more than 1200+ IT Pros and Developers gain knowledge of Microsoft technology. National and international community experts update visitors on the latest Microsoft technologies in one day.
Slides
It was a pleasure to speak at 11th edition of the Experts Live Netherlands. With more then 1200 attendees is was one of my biggest in-person conferences in the last couple of months. Thanks to the organizers and sponsors who made this possible!
You can find the slides from my talk about Mastering Defender for Servers here. Please keep in mind that this slides was only for the Experts Live Event and I will improve the session based on the Feedback from the attendees.