Microsoft Most Valuable Professional (MVP) Award 2018-2019

Sunday July 1st 2018, in the afternoon local time, I received the e-mail I had been looking for all afternoon.

Dear Jesper Nielsen,

We’re once again pleased to present you with the 2018-2019 Microsoft Most Valuable Professional (MVP) Award in recognition of your exceptional technical community leadership. We appreciate your outstanding contributions in the following technical communities during the past year: Windows and Devices for IT.

I am one out of just 87 Microsoft MVP’ in the category Windows and Devices for IT and the only one in Denmark. Being part of this amazing program makes me proud and I am honored my contributions are recognized and rewarded with a Microsoft MVP Award third year in a row.

What it takes to be an MVP

Microsoft MVP’s, are technology experts who passionately share their knowledge with the community. They are always on the “bleeding edge” and have an unstoppable urge to get their hands on new, exciting technologies. They have very deep knowledge of Microsoft products and services, while also being able to bring together diverse platforms, products and solutions, to solve real world problems. MVPs make up a global community of over 4,000 technical experts and community leaders across 90 countries and are driven by their passion, community spirit, and quest for knowledge. Above all and in addition to their amazing technical abilities, MVPs are always willing to help others – that’s what sets them apart.

If you want to know more about the Microsoft MVP Program, check out the Microsoft Most Valuable Professional website.

Microsoft Tech Summit 2018, Stockholm

I would like to say thank you, to everybody who attended the Microsoft Tech Summit 2018, Stockholm. It was an awesome setup and an great event with lots of great sessions.

It is always an pleasure and a honor to to get the opportunity to speak at a Microsoft event. So thank you for attending and for making speaking at the event a great experience!

The session and slide deck was originally presented at Microsoft Ignite 2017. Throughout the presentation updated information and links was used. Unfortunately I am not allowed to share the slide deck, however as promised during the session, please find notes and links below.

Microsoft Tech Summit 2018, Stockholm, April 17 – April 18, 2018 [Link]

Session name: What’s new in Windows 10 security? Raising the bar of security once again with the Fall Creators Update!

Session Code: BRK2037

Session room: C2

Session link: https://techcommunity.microsoft.com/t5/Microsoft-Tech-Summit-Content-17/What-s-new-inWindows-10-security-Raising-the-bar-of-security/m-p/126322

References

Hardening the system and maintaining integrity with Windows Defender System Guard
https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/hardening-the-system-and-maintainingintegrity-with-windows-defender-system-guard/

Windows Defender Application Guard overview
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationguard/wd-app-guard-overview

Testing scenarios using Windows Defender Application Guard in your business or organization
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationguard/test-scenarios-wd-app-guard

Windows Defender Application Control
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationcontrol

Windows Defender Exploit Guard
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/windows-defender-exploit-guard

Reduce attack surfaces with Windows Defender Exploit Guard
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/attack-surface-reduction-exploit-guard

Troubleshoot Attack surface reduction rules
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/troubleshoot-asr

Windows Defender Exploit Guard requirements
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/windows-defender-exploit-guard#requirements

Each of the features in Windows Defender Exploit Guard have slightly different requirements:

Features

Windows Defender Antivirus Real-time protection

Exploit protection

Attack surface reduction

Network protection

Controlled folder access

Table 1. Windows Defender Exploit Guard requirements

What’s new in Microsoft Intune Week of March 12, 2018 – New Windows Defender Exploit Guard settings
https://docs.microsoft.com/en-us/intune/whats-new#new-windows-defender-exploit-guard-settings—1631893—

Protect important folders with Controlled folder access
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/controlled-folders-exploit-guard

Windows Defender Advanced Threat Protection – Intelligence-driven protection, detection, and response
https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp

Big news in our drive to eliminate passwords: FIDO2 / WebAuthn Reaches Candidate Recommendation status!
https://cloudblogs.microsoft.com/enterprisemobility/2018/04/12/big-news-in-our-drive-to-eliminatepasswords-fido2-webauthn-reaches-candidate-recommendation-status/

Enable Microsoft Windows Hello for Business in your organization
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-azureadjoin-passportdeployment

Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune
https://ronnydejong.com/2018/01/17/enable-windows-10-multifactor-authentication-with-windows-hellomultifactor-device-unlock-microsoft-intune/

Notes from the field

  1. Get you Proof of Concept (PoC) started, enable Audit Mode for all solutions to start collecting insights
  2. Utilize a suitable solution for collecting Audit events from local event-logs e.g. using Windows Event Forwarding (WEF): https://blogs.technet.microsoft.com/jepayne/2015/11/23/monitoring-whatmatters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/
  3. STOP using Domain Admins accounts!
  4. Ensure to have local accounts protected, e.g. Administrator account by enabling random password solution, e.g. using Microsoft Local Administrator Solution (LAPS): https://technet.microsoft.com/en-us/mt227395.aspx
  5. Be prepared to respond to business complaints and be ready to remediate issues (have a “backup” plan)
  6. Start logging activity from your devices, see Security baseline for Windows 10 v1803 “Redstone 4” – DRAFT: https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows10-v1803-redstone-4-draft/
  7. Security baseline for Office 2016 and Office 365 ProPlus apps – FINAL: https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-andoffice-365-proplus-apps-final/ 8. Visit Windows Active Defense web site to start your test: https://demo.wd.microsoft.com/

Enjoy!

Microsoft Tech Summit 2018, Amsterdam

I would like to say thank you, to everybody who attended the Microsoft Tech Summit 2018, Amsterdam. It was an awesome setup and an great event with lots of great sessions.

It is always an pleasure and a honor to to get the opportunity to speak at a Microsoft event. So thank you for attending and for making speaking at the event a great experience!

The session and slide deck was originally presented at Microsoft Ignite 2017. Throughout the presentation updated information and links was used. Unfortunately I am not allowed to share the slide deck, however as promised during the session, please find notes and links below.

Microsoft Tech Summit 2018, Amsterdam, March 28 – March 29, 2018 [Link]

Session name: What’s new in Windows 10 security? Raising the bar of security once again with the Fall Creators Update!

Session Code: BRK2037

Session room: E102

Session link: https://techcommunity.microsoft.com/t5/Microsoft-Tech-Summit-Content-17/What-s-new-inWindows-10-security-Raising-the-bar-of-security/m-p/126322

References

Windows Defender System Guard Hardening the system and maintaining integrity with Windows Defender System Guard
https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/hardening-the-system-and-maintainingintegrity-with-windows-defender-system-guard/

Windows Defender Application Guard Windows Defender Application Guard overview
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationguard/wd-app-guard-overview

Testing scenarios using Windows Defender Application Guard in your business or organization
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationguard/test-scenarios-wd-app-guard

Windows Defender Application Control Windows Defender Application Control
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-applicationcontrol

Windows Defender Exploit Guard Windows Defender Exploit Guard
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/windows-defender-exploit-guard

Reduce attack surfaces with Windows Defender Exploit Guard
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/attack-surface-reduction-exploit-guard

Troubleshoot Attack surface reduction rules
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/troubleshoot-asr

What’s new in Microsoft Intune Week of March 12, 2018 – New Windows Defender Exploit Guard settings
https://docs.microsoft.com/en-us/intune/whats-new#new-windows-defender-exploit-guard-settings—1631893—

Protect important folders with Controlled folder access
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploitguard/controlled-folders-exploit-guard

Windows Defender Advanced Threat Protection Windows Defender Advanced Threat Protection – Intelligence-driven protection, detection, and response
https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp

Windows Hello for Business Enable Microsoft Windows Hello for Business in your organization
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-azureadjoin-passportdeployment

Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune
https://ronnydejong.com/2018/01/17/enable-windows-10-multifactor-authentication-with-windows-hellomultifactor-device-unlock-microsoft-intune/

Notes from the field

  1. Get you Proof of Concept (PoC) started, enable Audit Mode for all solutions to start collecting insights
  2. Utilize a suitable solution for collecting Audit events from local event-logs e.g. using Windows Event Forwarding (WEF): https://blogs.technet.microsoft.com/jepayne/2015/11/23/monitoring-whatmatters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/
  3. STOP using Domain Admins accounts!
  4. Ensure to have local accounts protected, e.g. Administrator account by enabling random password solution, e.g. using Microsoft Local Administrator Solution (LAPS): https://technet.microsoft.com/en-us/mt227395.aspx
  5. Be prepared to respond to business complaints and be ready to remediate issues (have a “backup” plan)
  6. Start logging activity from your devices, see Security baseline for Windows 10 v1803 “Redstone 4” – DRAFT: https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows10-v1803-redstone-4-draft/
  7. Security baseline for Office 2016 and Office 365 ProPlus apps – FINAL: https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-andoffice-365-proplus-apps-final/ 8. Visit Windows Active Defense web site to start your test: https://demo.wd.microsoft.com/

Enjoy!