Follow us on Facebook too. Click to go there now
A few Windows 10 features to not forget about
Posted by Amy Babinchak on 11 April 2019 06:08 PM
Ahead of the coming release of Windows 10 1903 let's take a look back and what you might have missed that can be helpful in the previous versions.
I think a lot of people don’t notice the changes to Windows after an update comes out, unless they’ve moved your cheese. Then I hear from my clients about something in the UI that they don’t like because it’s different. Otherwise people have a tendency to just go along doing things they way that they’ve always done them.
Windows is the platform basis for all applications that run on your computer. It’s the traffic light controlling all things behind the scenes and it’s really a very complex piece of engineering. In addition to performing those duties it also tries to make the life of the person using the computer just a little bit better. For example, recently Microsoft has been promoting all of the work that they’ve put into the accessibility features and those are amazing and wonderful because as Microsoft says in their ads, we’re all better when we can all create. And that’s really what’s important about Windows. It’s the platform that makes creating possible.
So in that spirit I’d like to call-out 5 features that might just make your creating life just a little bit better.
Make your own font
Make your own font is the name of an app that is available in the Windows store. So it’s not installed by default but I wanted to also call out the Microsoft Store itself. You need to check out the Microsoft store from time to time. It’s not fundamentally different from Google Play or iTunes except that it’s more business focused. There’s some great apps in there and some fun ones too. This one probably falls somewhere in between.
Did you ever wish you could write an email or a document in your hand-writing? Well you can and it’s very easy to do. The Make your own font app is super simple. All you do is fill out the alphabet in capital and small letters, numbers and symbols in the form provided by the app. Then you save it and give your font an awesome name. Next go to Control Panel then Fonts and upload the font file you just saved. Now your font will show up in all of the applications on your computer.
This is Amy’s font. If she had created it years ago it would have been much neater.
While this font might resemble my handwriting, it’s not quite there because like everyone I have quirks that no font is going to capture. For example, when I write my first e in a word, I tend to use an e that look like a miniature big E. But then when the next e comes along in the word I use the traditional small e. I also have a tendency to mix cursive and printing, sometimes in the same word, definitely in the same sentence, and well no single font can deal with that! But still I’m enjoying the Amy font that I created.
Automatically lock your computer when you walk away
Many people have heard of Dynamic lock but few understand the power fully. Dynamic lock is a component of Windows Hello. While most people think that Windows Hello is just the ability to log in with your face if you have the proper camera in your laptop it’s really a lot more than that. In a nutshell Windows Hello is the ability to authenticate to your computer with a means other than a password. That can be with a PIN, a face, a picture, an app or other devices. How is that more secure than a password? Well under lying these is the credential but it’s only accessible to apps after you enter you use one of these devices. Windows Hello keeps the actual credential secure. But this is just a stepping stone to the very soon coming day when passwords will be going away and our computers will instead recognize us by our behaviors. Boom! I’ll write another article on that topic sometime because it deserves it.
Back to Dynamic lock. You can pair any Bluetooth device to your computer. Once paired it can be selected as the Dynamic lock device. Now, when you start up your computer it will look for the paired device, if it’s present Dynamic lock is active. If it isn’t present Dynamic lock will pop-up a toast letting you that because the device isn’t in range at that moment that Dynamic lock will not be turned on during this session. However, when you start-up your computer and your paired device is nearby Dynamic lock will be active and now when that devices leaves a short distance from your computer, after about a 30 second delay your computer will lock.
Because it locks when you walk away with the device, your data will remain safe from passersby. As you can see below, I have my phone paired for this purpose. And while this might be the most common scenario, you can actually pair any Bluetooth device and select it to your Dynamic lock device. Just be sure to pick something that you’re never without. I haven’t tried it but I think one of those Bluetooth key fobs would be a great pairing for Dynamic lock.
A clipboard that holds 10 or more things at once
Being able to clip several things and then come back to them later is a great productivity tool. People have been loading clipboard apps onto their computers for ages and finally Microsoft built one into Windows. It’s very simple to enable and use.
Just hit Windows key + v and the clipboard history will pop-up. Then simply select the item you want to paste from the list. The clipboard history is not on by default. To turn it on the first time, do the same thing. Hit the Windows key + v and press the Turn on button when the clipboard history opens.
Notice the … at the upper right corner of each clip. As shown in the picture above you can delete it or pin it, so it gets saved forever in your clip history or clear the entire history with the exception of the pinned items. Very simple and very functional.
Now in Settings of your computer there are a few more items. This is where you can turn the feature off or choose to sync your clipboard across your others devices. By other devices, Microsoft means other Windows devices. So if you have a desktop and laptop, they will share a clipboard history with each other. That way you can clip something on your laptop and use it later from your desktop. You’ll notice the privacy statement link under that feature and that’s because in order to keep those in sync the items clipped on your laptop and desktop pass through Microsoft’s data center.
Ransomware has been hitting computers, mostly business computers, since around 2013. With Windows 10 Microsoft provided protection against ransomware through the Controlled Folder access feature. You’ll find this setting located under Ransomware protection. Again it’s something you need to turn on.
Turning Controlled folder access on protects the default Windows data storage locations in your profile from access by unknown applications. Microsoft will compare what is trying to access your Documents folder, for example, with known good applications and then allow the access if the app is on the list. If it isn’t then you’ll see a Toast pop-up letting you know that Microsoft blocked an app from accessing the files. If you happen to have an app that isn’t on the list you can add it by clicking the Allow an app through Controlled folder access link.
Let’s say that you are in the habit of saving data to another location on your computer. Let’s say you created a folder on your C drive to save data into. You can also protect that location by clicking on the Protected folders link and then the + sign and adding your custom location. This way none of your data has to go unprotected.
At the bottom of that screen you’ll noticed an opportunity to setup OneDrive for file recovery. This feature allowed for one-click restore of the data you have stored in Desktop, Documents or elsewhere in OneDrive. It’s a sort of fail-safe in case your OneDrive data were to get encrypted.
Don’t let Windows keep you up at night
If you find yourself using your computer just before heading to bed then Nightlight is for you. It’s not about providing light as the name might imply. It’s actually about reducing light and limiting the color spectrum so that your melatonin doesn’t get impeded. Melatonin is the chemical the body produces after a cue from the eyes that it’s dark and time for bed. If your eyes see daylight, then it’s time to wake up. Your computer can give your body the false indication that it’s daytime and Nightlight is designed to prevent that.
Nightlight is another one of the features that isn’t turned on by default. So go to Settings, Nightlight to find the settings screen above. I suggest scheduling night light. Since Windows knows what time it and the time zone that your computer is in, it therefore knows the time of sunset to sunrise. If you don’t like those times you can optionally select your own by choosing the other radio button.
Hopefully I’ve given you a few good reasons to take a better look at what Windows has to offer. Those updates aren’t just providing new security features, they also provide new functionality. Sometimes you have to look for them but the hunt is worth the effort.
Helping IT Pros is all we do! No contract, no minimum. Just current and former Microsoft MVP's with deep technical skills ready to help. IT Pro Helpdesk, TechYourBooks, Super Secret News, Ransomware Prevention Kit and more. https://www.thirdtier.net
Read more »
Making the leap from job owner to business owner
Posted by Amy Babinchak on 19 March 2019 11:15 AM
Most businesses start out as one person deciding to do what they are currently employed to do under their own name, rather that continue to work for someone else. There are a lot of us that just don’t fit into corporate culture and so we start our own business. As a one-person business though…are you really a business or are you just self-employed?
I don’t mean to imply that there’s anything wrong with being self-employed. I was for 3 years until I decided that if this is what I loved doing then I should make it into a business. Some people never make that decision and that’s ok too. But some people are stuck wanting to have a business but can’t figure out how to make that leap. This article is for you.
What is the definition of business anyway?
A business has certain characteristics that make it different from a job.
I started my MSP like a lot of people did. I started to gather up some side gigs supporting businesses after hours from my job supporting schools. Eventually I decided to move the side gig work into being my main work. So I went to all of those businesses I was supporting and asked them to sign a contract so I could get enough stability to quit my job. And so they did, and I did. Now I owned my job.
I worked this job for about 3 years while I thought about what I was going to do. I was enjoying this job but it was of course a dead end. There was just me and no where to go except to keep doing what I was doing. I knew I wouldn’t be satisfied with this reality for much longer and so I decided to create a business from this job.
I’m ready to not be a tech any more
Making the leap from job to business is largely a mental one. The point of the business is to give you someplace to grow in your career and to grow the business into something of value that you can later pass down or sell to fund your retirement.
The problem is that the first person hired is a 100% growth for your business. The second one is 50%. The third is 33%. The fourth is 25%. You probably got the point that it will get easier as you go but those first steps are really big ones. It’s like being at the gym and the coach has you starting on the 3 foot box jump then work your way down! It’s backwards from what would be ideal but that’s the way it is. Your business needs to be ready and your budget needs to be ready too.
As your business grows you will find yourself not being a tech anymore. Nor an engineer or architect. You’ve chosen a career path that ends as business owner and you need to embrace it.
Who should be your first hire?
There’s a lot of discussion on this topic. It’s reached the status of the “old quandary”. Your options are an admin person or a technical person. While there are good arguments on both sides I come down on the side of choosing a very good technical person as your first hire. Here’s why.
In starting your business you are playing all of the roles. Marketing, sales, technical, accounting, payroll and more. The process of growing your business is all about giving away your job. Each person that you hire will take part of your job from you. Don’t worry about not having anything to do. Each of your other roles will naturally expand to fill the space. Been too busy to meet with your accountant monthly? Blog regularly? Engage in regular marketing activities? Now you’ll start to have time for those things. But only if there’s enough money coming in. You need the technical person in generate additional income for the business.
My other reason for suggesting that you hire a technical person first is that you know how to do it. You know how to determine if a tech person is good. You know what their task list should be and you’re prepared to train that person. You can do all of these things because you are a tech. While it might be appealing to get rid of the admin work, you probably aren’t as prepared to interview and train that person because you don’t know the job well yourself yet.
Initially both you and your new technical person will be doing the same work. You’ll be training this person to do the technical work just as you like it to be done. This person is going to be expensive because you need them to be capable of being you so you can bill clients for them in full confidence. Meanwhile you are also working like crazy to bring in more clients so that both of you are busy billing full time.
Your second person is probably another technical person for the exact same reasons. The company needs the money coming in. By this time you’re reaching exhaustion from being fully billable yourself while focusing on training this staff and bringing in new clients. Now your business should be able to afford to pay the three of you and start to off-load some of your workload. Hire a firm to help you with the bookkeeping and taxes and payroll. Off-load some of your billable work to your new hires and keep the path toward giving away your job duties to others while bringing in the new business to support the expense.
It can be a roller coaster of paying others before yourself but staying the course and compressing the timeframe to bring in that additional business is the key to success.
Avoid these pitfalls
I’ve seen MSP’s struggle to get off the ground. The problems can seem like many but in my experience these are the worst ones.
Hire people that can do the job, are going to stick around for a while and that you can be proud of. Stay out of debt. Debt kills businesses! Remember that software will not set you free so don’t load up on “MSP solutions” until you really know what your business looks like when it has staff. Like-wise be frugle on your license purchases and keep your office costs as low as possible. No client is coming to see you so they really don’t care where you work from. You need as much of your income to go toward payroll as possible not over-head. Finally avoid micro-managing your staff. Train them up to do it right then let them do the job. You’ve only got so many brain cycles and you need the ones you aren’t using doing technical work to focus on business growth. Because growth is ultimately what is going to get you past all of the initial hurdles so you can work your way down the growth ladder.
Read more »
Please stop disabling IPv6
Posted by Amy Babinchak on 08 March 2019 01:27 PM
A recent Windows 10 update brought to light just how many people are disabling IPv6 as part of their normal process. Should you be doing that? Probably not.
But first things first. Since so many people are disabling IPv6, many readers are probably already jaded at the prospect of allowing IPv6 on their network. I’m going to argue that in most cases it is not necessary or desirable to disable IPv6 and, in fact, it is desirable not to. But before we get to that, if you just can’t stomach it or you have some serious legacy applications or hardware, here is Microsoft’s official recommendation: Keep IPv6 enabled but issue a policy that says to prefer IPv4.
To configure IPv6, modify the following registry value based on this table.
Min Value: 0x00
Moving right along
Now that we’ve gotten that out of the way, let’s take a look at how Windows uses IPv6 even when your DHCP server is providing it an IPv4 address and your Internet router doesn’t support it.
We all know that the world is running out of IPv4 addresses. I’m not going to bother to rehash that here other than to say that this doesn’t matter for your internal network. Your internal DHCP can still use IPv4 for compatibility reasons but you’ll end up using IPv6 to access the Internet. But that still doesn’t mean that you want to disable IPv6. You actually want to use both. You can use IPv4 for the ease of readability. But let Windows prefer IPv6 for the reasons I’m going to discuss now. I think that this is the best option.
IPv6 is core to the Windows operating system and Microsoft doesn’t do any testing with it turned off so they won’t guarantee that anything will work properly without IPv6. Of course, many things do but behind the scenes, Windows has to work hard and fall back to older protocols after it finds that IPv6 isn’t available. That waiting to fail can really be felt on the PC when you disable IPv6. Back in the Windows 7 days there was a condition where there would be a lag getting to the Internet when IPv6 was enabled and your router didn’t support it. But starting with Windows 8 and Server 2012, Windows detects that there is no route to the Internet in IPv6, remembers this, and then prefers IPv4 for this type of traffic. No configuration or disabling required.
What does IPv6 do for network traffic?
There’s a persistent myth about IPv6 and that is that if you disable it you are reducing the attack surface. The truth is that your IPv6 traffic won’t get out if your router doesn’t support it and if it does support IPv6 then it will protect the internal traffic. Since IPv6 header information is encrypted, your internal network is actually safer.
Additional benefits that might seem scary
IPv6 doesn’t need a DHCP server because it doesn’t use NAT. The individual device is capable of assigning itself an address. It queries the network for the prefix and the automatically assigns the rest. What is so scary about that? It’s a loss of control. There no more GUI to look at and see which machines are using which addresses. You’ll have to query for that information. But if the computers are self-assigning and assuring that there are no duplicates automatically then why do we really need to care? It’s the letting go of past practices that is the scary part, not the technology itself.
Letting go of NAT is probably the scariest part for many IT admins. NAT gives you this illusion that your network is safe. And yet every day in a million ways each device makes a connection to the Internet and traffic directly routes to it from the Internet. If the device wants to allow an incoming connection it either makes the initial call or a port is opened in its local firewall. Guess what? The same thing happens when you use IPv6 except that the router doesn’t have to do all of those NAT calculations. NAT was never about security.
While Group Policy and DHCP servers might not be eliminated from your network yet, they will be eventually. While some businesses still have digital key phones and all of their employees work in the office they aren’t in the majority anymore. I dare say that there aren’t any businesses that don’t have some form of IoT on their network at this point. Even security cameras and network-connected time clocks count as IoT and many businesses have a lot more variety of IoT devices than that. The point is that the very definition of networking has changed as has the very definition of “the edge.”
You’ve probably read that “the edge” is the user credentials. It’s true. Now that users have access to corporate data from mobile phones, desktop phones, softphones, laptops, tablets, and so much more while on the road and in the office, the edge is getting pretty transparent. I mean, when you can take the desktop phone off your desk and plug into your home Internet and make a call with no additional configuration needed? The world of networking has changed. It’s not, your DNS, DHCP, your NAT scheme, or your firewall that is protecting the network. It’s the credentials on that phone that count. That’s our edge and it is where we need to focus on security.
Forget about the imagined pitfalls of IPv6. It’s small, more nimble, encrypted, and secure. We need to focus our efforts on modernization to make sure that we aren’t crippling our networks by hanging onto legacy networking technologies. The easiest way to adopt IPv6 is to simply stop disabling it.
Read more »
Rethinking Network Design where there's no server
Posted by Amy Babinchak on 28 February 2019 10:36 AM
Make your IT business better than the competition. IT Pro Helpdesk, TechYourBooks, Super Secret News, Women in IT Scholarship program, Ransomware Prevention Kit and more. https://www.thirdtier.net
Read more »
The surprising places your Teams data is stored
Posted by Amy Babinchak on 01 February 2019 11:45 AM
Microsoft Teams is taking the collaboration world by storm. It’s crushed Microsoft’s fastest growing software award. Now Skype and StaffHub have been migrated into Teams. Although Teams is closely connected to SharePoint you might be surprised to find out exactly where different types of Teams data get stored.Teams stores data in Exchange, Stream, Groups, SharePoint, and OneDrive for Business with some locations hidden and some not. It can even store data in third-party locations, like Dropbox, Google Docs, and others if you choose to enable those features.
As an end-user of Teams, there is little reason for you to care where the data actually is because you can get to all of it within the program itself. But as an admin, you might have occasion to know.
Teams is based on Office 365 Groups but less tightly or obviously than it used to be and it has its hooks into everything — some by default and some by choice. Let’s take a look at where our data is going and how we find it in those locations.
Finding your chat data
There are several kinds of chat. (I listed them above.) The key thing to know about chat is that it is persistent chat, meaning that the content doesn’t go away when you end the chat. It remains so that members of the chat can continue to reference what was discussed and can pick up conversations to continue them later. This should reduce the number of times that users have to go to the admin to ask for something that was in chat.
Where that information gets stored on the back-end depends on who you are chatting with and if you shared any files during that chat.
One-to-one chat data is stored in a hidden folder within your mailbox. This folder contains all of the conversations that were had in that chat. Each member of the chat retains their own copy. This folder only exists for the purpose of data retention, litigation holds, and compliance. The only way to discover the contents of this folder is to perform an eDiscovery.
In the Security and Compliance Center, you’ll start a Content Search and then narrow the search location to chat in Teams, the date, and any other criteria you’d like to set. As above, within a minute or two you’ll get a sample of the results to browse and verify that the results contain what you’re looking for.
What about files?
Files that you’ve shared during the chat are stored in your OneDrive for Business account in a folder that is not hidden called Microsoft Teams Chat Files. These continue to be accessible by members of the chat. Permissions are automatically set on the file to allow the members of the chat to access it. Not everyone gets a copy of the file, so when the person that originally shared the file in the chat leaves the company, IT will be responsible for the files that were formerly shared with the chat members. This means it is really a good idea to NOT use chat as a file storage area.
Whether you are chatting with members of your own company or people outside your company the file storage and permissions are configured in the same manner.
Finding your non-chat channel data
When you create a Team, an Office 365 Group with a group mailbox is created and a SharePoint site is created too. Within the SharePoint site, a document library is created for each channel in the team.
Although these SharePoint sites are created by Teams they are not easy to locate for SharePoint users. For this reason, I like to create links to them in my SharePoint menu system. The easiest way to find the SharePoint site for any Team is to go the File section of the team and then select Open in SharePoint.
This will open SharePoint, and now you can copy the URL from your browser and use that to create a permanent link. I find it useful because sometimes I’m already in SharePoint and having this link saves me a task switch.
I mentioned that a group mailbox is also created. The mailbox houses email sent to the team. If you made a new Team in the past, an Office 365 Group was created complete with Group Mailbox and for those groups that is where the email will be. However, newly created Teams are not getting the Office 365 Group anymore. Instead, email for the group is now stored in SharePoint.
Knowing the email address for your channels and teams can save you a task switch too. If you find yourself working in Outlook and want to send something in your team, just email the Channel or Team. Click the … at the top of any team or channel to find its address.
TIP: These Teams addresses are ugly and not in your domain. They are in the @microsoft.teams.ms domain, so if you do plan to email into your Team or Channels you want to add them to your personal contact list, as a contact in Exchange, or do like I do and add that address to a mail-enabled distribution group that has a memorable email address. That way it will show up in your global address book and everyone can use it easily.
Finding your meeting data
Microsoft Teams meetings generate two types of data — meeting recordings and chat and file upload data.
Meeting recordings are stored in Stream. This might be surprising for people migrating over from Skype because Skype stored the file locally. Teams does not. It saves into the companies Stream app. Specifically, it saves into the organizers Stream account and the content is automatically shared with all invited people.
For the content owner, the meeting shows up under the My Content menu. For everyone else, it will show up under the Discover menu. Initially, a new video is labeled as Trending and it will appear on the Home page of Stream and in the Discover menu. As time passes, it will need to be searched for in the Discover menu. They can be located by title, date, and other criteria.
As far as chat within the meeting and files shared in the meeting, those are stored the same as always in Teams. Meaning the files go into the Microsoft Teams chat files folder of the sharer and the chat is available only under Discovery.
Finding your voicemail data
If you are using Teams as your phone system, then you might be wondering where the voicemail is stored. Voicemail is stored in the user’s mailbox. This includes the transcriptions of the voicemail too.
Yes, your Teams data is everywhere
So that’s that simple, right? All you need to be able to find your data in Teams is SharePoint, Exchange, Stream, OneDrive for Business, and eDiscovery rights. ???? I do jest. While your data is everywhere, it’s everywhere for good a reason. Teams is the app that unifies so many things in Office/Microsoft 365, which means while your data is flying here and there, you don’t have to and that is a big time saver. Task switching is a productivity disease and Teams is the cure.
About Third Tier
Open a ticket with us! Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.
Read more »