Knowledge is key and being aware of the latest business news has never been more important !

As a contractor for the last nine years I have learnt a number of important lessons and today I want to talk about the ice breaker.

The Ice breaker takes many forms for example calling a client to wish them a  happy birthday or how project x is moving forward. These are basic way you can get a conversation going with your clients and business contacts. However something a great tool which is over looks is google alerts.

https://www.google.co.uk/alerts *For this you will need a google account this can be your existing email address.

If you go to www.google.co.uk/alerts and logon you can setup notifications on news articles that matter do you and your clients.

For this example I'm going to use "McAfee" as a ePO specialist I need to be kept up to date on any new articles about McAfee ePO or business news which could impact me or myself clients.

So before we start it's important to test out your search terms simple is normally the best and using common terminology.

For example  if I search just on "McAfee" I get all web publications using the word McAfee this can lead to a over full mailbox and information overload. You can see below the stories  don't have anything to do with McAfee ePO or in fact the company itself I want to know about.

This is why it's important to test your search query and tweak to get the minimum amount of important which is relevant!

So after some testing I have selected a number search terms I want to use

  • McAfee ePO
  • McAfee threats
  • cyber security threats
  • Intel Security
  • IBM Security

Now if you are following this example and searched for McAfee ePO you will now see the Alert preview panel has updated with a  number of news articles and blog post which are relevant.

So that's great we can now hit "create alert" - however before we do that we need to make a few final tweak to prevent a email overload...

Click on the show options at the top of the page; this will allow us to tweak the alerts to only send us the information we types we are looking for at frequency we can manage.  Some subjects you may decide you would like to see only once a week in a news round up while other subject you need to know as it happens for example a new security threat or a zero day virus.

If you take the time to look at each option and confirm the settings which are right for you. For me I like to receive a email once a day on each subject with the news and blog sources and you can see below.

Now you can create the alert and sit back and wait for your new emails to arrive, if you need to make any changes you can visit https://www.google.co.uk/alerts.

Receiving your alerts

The last and final change you can make is how you would like to receive you alerts. As I have already mentioned for myself I like to email on each search query -  however you do have more options. Clicking the gear icon (I've highlight below) we can make change when and now we get the alerts.

Now you can see the box below and you can select when you receive your email and in which form. Digest will group all alerts into a single email in this instance below at 9am each day.

McAfee SaaS Security Centre migration update

This week you have a notice if logging into McAfee SaaS control www.mcafeeasap.com the following message..

Transfer Information: Your McAfee Security Centre account has been selected for transfer to McAfee ePO Cloud. Click proceed and provide your consent to transfer your account.

Over the coming weeks the team will be putting together a support package on how to manage the migrations to ePO Cloud - if you would like any support please contact support@mjkelly.eu

Why your account selected for transfer.

Our records indicate that you have active McAfee SaaS licenses, with McAfee SaaS Endpoint Security products installed on one or more of your endpoints. As a current SaaS, subscriber, we will transfer the management of your Endpoint systems to McAfee ePO Cloud for you.

Note: Because the SaaS endpoint client is EOL, we can provide McAfee ePO Cloud management only for your current SaaS endpoint systems.

Manual transfers of endpoints and policies.

1. After you have activated your McAfee ePO Cloud account, re-create any custom policy that you had created by yourself in SecurityCenter. If you were using the default policy, you can skip this step as a default policy is applied in McAfee ePO Cloud also.

2. Reinstall the Endpoint Security product using the installation URL generated from McAfee ePO Cloud.

3. Once the installation is complete, the endpoint will report in McAfee ePO Cloud and you can assign the correct policies for them

Continue using McAfee SecurityCenter:

You can continue to manage the SaaS endpoint client from McAfee SecurityCenter until the EOL date.

If you would rather continue using McAfee SecurityCenter for all your systems, uninstall any instances of Endpoint Security from your managed systems, and install SaaS endpoint 6.x.

Notes:

SaaS endpoint 6.x does not support Windows 10. You will need to use McAfee ePO Cloud to install Endpoint Security on Windows 10 devices.

https://login.mcafee.com

 

Remove Lingering Objects

Lingering objects are objects in a Windows AD which have been created, replicated, deleted, and then garbage collected on at least a single DC that originated the deletion but still exist as live objects on one or more DCs in the same forest.

Lingering object removal has traditionally required lengthy cleanup sessions using tools like LDP, ADSIEdit, repadmin /removelingeringobjects which anyone working with AD will have used at least once and maybe wished to never touch again!!

A number of tools have improved the processes  and management of AD replications including powershell scripts, repldiag.exe, Manageengine or ADREPLSTATUS and now we have another tool for our USB stick: Lingering Object Liquidator.

Tombstone lifetime and replication of deletions

When an object is changed, added or deleted, Active Directory replicates the changes. Object which are deleted become a tombstone object. A tombstone object consists of a small subset of the attributes of the deleted object to all other domain controllers in the domain to receive information about the deletion. The tombstone is retained in Active Directory for a specified period. This specified period is called the TSL. At the end of the TSL, the tombstone object is permanently deleted.

The default value of the TSL depends on the version of the operating system that is running on the first domain controller that is installed in a forest. The following table indicates the default TSL values for different Windows operating systems.

 First domain controller in forest root                         Default tombstone lifetime

Windows 2000                                                                      60 days

Windows Server 2003                                                           60 days

Windows Server 2003 with Service Pack 1                        180 days

 

Why you should care about lingering object removal

 It is important to remove lingering objects for the following reasons

  • Lingering objects can result in a long term divergence for objects and attributes residing on different DCs in your Active Directory forest
  • The presence of lingering objects prevents the replication of newer objects, deletes and modifications to destination DCs configured to use strict replication consistency. These un-replicated changes may apply to objects or attributes on users, computers, groups, group membership or ACLS
  • Objects intentionally deleted by admins or application continue to exist as live objects on DCs that have yet to inbound replicate knowledge of the deletes.

How to obtain Lingering Object Liquidator

1. Log on to the Microsoft Connect site (using the Sign in) link with a Microsoft account:

http://connect.microsoft.com

Note: You may have to create a profile on the site if you have never participated in Connect.

2. Open the Non-feedback Product Directory:

https://connect.microsoft.com/directory/non-feedback

3. Join the following program:

AD Health

Product Azure Active Directory Connection Join link

4. Click the Downloads link to see a list of downloads or this link to go directly to the Lingering Objects Liquidator download. (Note: the direct link may become invalid as the tool gets updated.)

5. Download all associated files

6. Double click on the downloaded executable to open the tool.

Add disclaimers to outbound messages

If you are the administrator of your company’s Office 365 service, you can create a disclaimer for email messages.

A disclaimer is text that’s automatically added to the bottom of e-mail messages and typically used to provide legal information, warnings about unknown or unverified senders, or for other reasons as determined by an organization.

This is an example of a disclaimer: IMPORTANT NOTICE: This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages to clients of MYCompany.com may contain information that is confidential and legally privileged. Please do not read, copy, forward, or store this message unless you are an intended recipient of it. If you have received this message in error, please forward it to the sender and delete it completely from your computer system.

Here’s how to create a disclaimer that’s added to the bottom of all messages sent to external recipients:

  1. In the Exchange Control Panel, select Manage My Organization > Mail Control > Rules.
  2. Click New. Enter the following information in the New Rule window:
  3. Click “More Options…”
    1. If…Select “The recipient…” and “is external/internal.” In the Select Scope window, select “Outside the organization,” and click OK.
    2. Do the following: Select “Append a disclaimer to the message…” and “Append a disclaimer.”
  4. Click “Enter text…” to enter the disclaimer text, and click OK.
  5. Click Select one… to specify a fallback action that defines what you want to do if the disclaimer can’t be applied to the message. The choices are “Wrap,” “Ignore,” and “Reject.” The default action is “Wrap.”
  6. To add exceptions to the rule so the disclaimer isn’t applied to specific messages, click “Except if…” For example, to specify specific users, select “The sender…” and “Is this person” or “Is a member of this group.”
  7. Name of rule: Accept the default name, or enter a unique, descriptive name for the rule.
  8. Click Save.